On 2/9/17 4:45 PM, Derek Atkins wrote: > Hi, > > "Panos Kampanakis (pkampana)" <pkamp...@cisco.com> writes: > >> I am not saying symmetric keys are better than public key auth. >> I am saying that applying an 80-bit security level (RSA/DSA1024) today >> offers a false sense of security. You might as well not authenticate >> the messages. > I disagree. I think in many cases an 80-bit asymmetric signature is > better than a 128 (or even 256-bit) group-symmetric scheme, precisely > because with the symmetric scheme you only need to acquire the group key > from one node, which means you can attack ANY node, whereas with the > asymmetric scheme you MUST attack the signing node (which can have > better defenses).
It can, Derek, but it might not. Think light switch or doorbell button. Eliot
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Ace mailing list Ace@ietf.org https://www.ietf.org/mailman/listinfo/ace
