Re: comments on client auth

[dpkemp@missi.ncsc.mil (David P. Kemp)]

> 
> If key generation were guaranteed to have enough real entropy for the key
> size, I don't worry about the 2^{-1024} or less chance of duplicate key
> generation (worse for elliptic curves because keys are smaller, but still
> infinitessimal).

I'm not a mathematician, but do I remember being surprised back in high
school to learn that with 38 people in a room, there's a 50% chance that
two of them have the same birthday.

Perhaps someone more proficient with numbers could calculate how many
certificates would have to exist in the world, each generated with perfect
1024 bit entropy, before there was, say, a 1% chance of a collision.
 
> Are you suggesting that a single entity generate all keys so that if there's
> a weakness it can let out only unique keys and no one becomes aware of the
> weakness?

No!

> ...that a single entity register all public keys, so that it can say "oops,
> try that one again -- and we're not telling you why"?

Good question.

---

Follow-Ups:

• Re: comments on client auth
• From: Ben Laurie <ben@gonzo.ben.algroup.co.uk>
• Re: comments on client auth
• From: Bill Sommerfeld <sommerfeld@apollo.hp.com>

---

• Prev by Date: AUTH statements for common Internet cases
• Next by Date: Re: comments on client auth
• Next by thread: Re: SDSI name interpretation
• Index(es):
  • Main
  • Thread