On 1/21/2010 9:24 PM, Eric Rescorla wrote:
On Thu, Jan 21, 2010 at 9:09 PM, Paul Wouters<p...@xelerance.com> wrote:
On Thu, 21 Jan 2010, Eric Rescorla wrote:
The point is that the numbers depend on your model of the attacker
more than on the cryptography.
Yes, but my point is that the safety period depends on your assumptions
about the attacker's resources, which is why this is not really a
technical issue.
It is also based on the presumed technological advances of attackers. If
you talk to a cryptographer about a 1024 bit RSA key, they will tell you
"don't use that anymore". When you tell them "well, it is very useful
to us to reduce packet size in DNS" they tell you "go use ECC".
We made a technological trade-off. Though extremely conservative, all the
cryptographers (or really cryptanalysts) I talked to are more conservative
than we have been. Whether you call this technical or philosophical does
not really change the issue. The model of the attacker is a fundamental
part of the cryptography.
I really have no idea what you're talking about here. There is widespread
agreement about the technical difficulty of attacking RSA. The question
of how that impacts your behaviors is primarily an economic question,
not a cryptographic one.
With that said, cryptographers actually don't tend to think particularly deeply
about the attack model;
Understatement
rather they assume a certain fairly idealized model
of attacker capabilities and try to demonstrate that their systems have
certain properties under those models. This is fundamentally different
from the kind of thinking required here.
Or how their crypto-algorithm works in production for that matter. The
use model issue is why there is so much bad cryptography out there IMHO
Todd Glassey
-Ekr
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop