[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pre-shared key v RSA encryption or RSA signature authentication modes



The fact that most users wont have a shared secret with 256 bits of
entropy?  I suspect that most shared secrets are probably in the 64-80
bits of entropy at the highest, and probably much lower than that.

Based on the lack of entropy in shared secrets, I believe RSA sigs
to be much stronger due to the better entropy in the key.

-derek

Uri Blumenthal <uri@lucent.com> writes:

> "Prof. Ahmed A. A. Adas" wrote:
> > As a researcher in cryptosystems and protocols, I would say that RSA-sig IKE
> > is much more powerful unless someone is using quantum computing attacks,
> > which are not feasible in the near future.
> 
> It is comparing apples with oranges.  The conclusion appears
> incorrect,
> and way too generalizing [without due justification].
> 
> Please explain - based on what is, say 2048-bit RSA-sig stronger than,
> say 256-bit key-based AES-XCBC-MAC signature? What is your criteria?
> What attacks are you considering? What is your model?
> --
> Regards,
> Uri
> -=-=-=<>=-=-
> <Disclaimer>

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available