[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Fwd: Re: IKEv2 Key Size Conformance Requirements
>>>>> "Andrew" == Andrew Krywaniuk <andrew.krywaniuk@alcatel.com> writes:
Andrew> I still haven't figured out what the big deal is. If someone wants to use a
Andrew> 1022 bit key, can't they just call it a 1024 bit key where the 2 leading
Andrew> bits are zero? Is there some RSA chip/library out there that assumes that
Andrew> the high bit is a 1? The math works either way.
Well, the OpenSSH people think that this is "broken", that you'd have a 1022
bit key. I think that this reflects a misunderstanding of how public key
cryptography works.
I agree with you, however.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [