Re: pre-shared key v RSA encryption or RSA signature authentication modes
Michael Choung Shieh wrote:
> I don't think the protocol itself has the limitation on the length of
> preshare key. So the answer shouldn't be RSA-sig is stronger, but preshare
> key could allow users to use weaker entropy.
And even then - entropy for what? It has no bearing on the resulting
SA parameters... Attacking it won't be an option for a long time... [Of
course the assumption is - people won't put their passwords as IKE
pre-shared keys. I haven't seen such fools yet, but anything is
possible - even keeping your RSA private key on a public host
in an available place.]
But my original point stands: a "normal" 128-bit symmetric key is
"stronger" than a "normal" 1024-bit RSA key.
In practice, such a key usually is generated ONCE [in a long time]
on a per-host-pair basis, from something like /dev/random on Linux,
typed in once, and is there for quite a long time.
RSA (and other PK) makes it EASIER to administer the keys. Much
easier. But not stronger.
--
Regards,
Uri