[Cryptography] FREAK attack
Salz, Rich
rsalz at akamai.com
Fri Mar 6 21:05:02 EST 2015
Based on the replies I am seeing, I realize that my question was not clear. Let me try again.
Make a timeline for the past 15 years. Which one cipher, *for each year* should SSL/TLS have used? Won’t it change at least once? Move it forward to project the cipher in use for the next 3-5 years because that’s what TLS WG is working on right now.
Once you have the list of ciphers, loosely describe the protocol changes needed to deploy. If “pick a cipher” isn’t part of the initial handshake, does it become “pick a version”? Or does the clinet connect ‘n’ times, with the associated TCP overhead?
If FREAK shows 512K RSA can be factored in under half a day, then perhaps 1K RSA, which some have picked for the base year, can probably be factored in a week or two. So clearly, there has to be at least one change in your timelines.
--
Senior Architect, Akamai Technologies
IM: rsalz at jabber.me<mailto:rsalz at jabber.me> Twitter: RichSalz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150307/2c3a6985/attachment.html>
More information about the cryptography
mailing list