[Cryptography] Fwd: freedom-to-tinker.com: How is NSA breaking so much crypto?
Ryan Carboni
ryacko at gmail.com
Sun Oct 18 00:05:21 EDT 2015
To arguments about the long generation time of DH keys: you don't need a
cryptoperiod of one use, just have a cryptoperiod of one thousand SSL
connections. It increases the value of each key by one hundred times.
According to "Imperfect Forward Secrecy", it requires 30 core days for the
descent part of factoring, so there could be some variability in the
cryptoperiod length for each component of DH generation. Cryptoperiods are
a thing for a reason, because the government has recognized how difficult
it is to generate and distribute high entropy keys (at best typical crypto
on the internet has 0.9 bits per bit).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151017/83f13286/attachment.html>
More information about the cryptography
mailing list