On Fri, 6 May 2011, Brian wrote:
A strong password is no less secure in brute force terms than a key so
Oh yes it is. A strong password may take a very long time to brute force,
but that isn't what you said.
Breaking an arbitrarily long key pair is regarded as being
cryptographically infeasible. That means it isn't practical for anyone to
even undertake the attack.
So how long does the key need to be? That changes with time due to
advances in computer hardware. Right now attacks against 1024 bit RSA
keys may be cryptographically feasible. So use a longer key if you fear
you may be subject to a sustained brute force attack[1].
[1] Hint: home users are probably not the targets here :)
Cheers,
Rob
--
Email: rob...@timetraveller.org Linux counter ID #16440
IRC: Solver (OFTC & Freenode)
Web: http://www.practicalsysadmin.com
Contributing member of Software in the Public Interest (http://spi-inc.org/)
Open Source: The revolution that silently changed the world
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/alpine.deb.2.00.1105070225570.7...@castor.opentrend.net
