On 13 Aug 2015 09:00, Kristian Fiskerstrand wrote:
> On 08/13/2015 05:17 AM, Mike Frysinger wrote:
> > +Your best option is to generate new keys using newer types such as rsa
> > +or ecdsa or ed25519. RSA keys will give you the greatest portability
> > +with other clients/servers while ed25519 will get you the best security
> > +with OpenSSH (but requires recent versions of client & server).
>
> Strictly speaking DSA/DSS is newer than RSA (FIPS-186-1 came in early
> 90's, RSA around since 70s, although the ElGamal signature scheme was
> around before that).
i'll rephrase:

-Your best option is to generate new keys using newer types such as rsa
+Your best option is to generate new keys using strong algos such as rsa

> ECC gives a better performance on the same
> security level when comparing to DSA/RSA, however claiming better
> security in general isn't necessarily valid, Ed25519 is a signature
> scheme over Curve25519 which is a 256 bit curve generally considered
> to be 128 bit security level, roughly comparable to a 3072 bit RSA key.

using ed25519 allows you to build openssh w/USE=-ssl which does get you
better security due to the smaller attack surface.  but the point of the
news item is to push people in the right direction w/out getting into a
dissertation on the nuances/details that people realistically won't grok
and won't make a difference to them.  if they're experts/interested, it
should be easy to locate additional material (including the linked page).
-mike
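As an added example (not part of this thread or of the Gentoo news item it discusses), a small Python parser that reads OpenSSH public-key lines and sorts them by the key types and sizes the thread names: DSA (ssh-dss) flagged for replacement, RSA below an assumed 2048-bit threshold flagged as weak, ed25519 and ecdsa accepted. The names `key_info`, `assess`, `make_key_line`, the `MIN_RSA_BITS` threshold and the sample keys are all constructed for this example and are not real keys.

```python
import base64
import struct

MIN_RSA_BITS = 2048  # policy threshold assumed for this example, not from the thread
def _ssh_string(b):
    return struct.pack(">I", len(b)) + b
def _ssh_mpint(v):  # OpenSSH mpint: big-endian, a 0x00 pad keeps the value positive
    raw = v.to_bytes((v.bit_length() + 7) // 8, "big")
    return _ssh_string(b"\x00" + raw if raw[:1] >= b"\x80" else raw)
def _read_string(blob, off):  # length-prefixed string, returns (bytes, next offset)
    (n,) = struct.unpack(">I", blob[off:off + 4])
    return blob[off + 4:off + 4 + n], off + 4 + n

def key_info(line):  # one .pub / authorized_keys line -> (key type, bit size)
    blob = base64.b64decode(line.split()[1])
    ktype, off = _read_string(blob, 0)
    ktype = ktype.decode()
    if ktype == "ssh-rsa":  # blob layout: type, e, n -> size is the modulus n
        _e, off = _read_string(blob, off)
        n, _ = _read_string(blob, off)
        return ktype, int.from_bytes(n, "big").bit_length()
    if ktype == "ssh-dss":  # blob layout: type, p, q, g, y -> size is p
        p, _ = _read_string(blob, off)
        return ktype, int.from_bytes(p, "big").bit_length()
    if ktype == "ssh-ed25519":  # fixed 32-byte point on Curve25519
        return ktype, 256
    if ktype.startswith("ecdsa-sha2-nistp"):  # curve size is in the type name
        return ktype, int(ktype[-3:])
    return ktype, 0

def assess(line):  # 'replace' for DSA, 'weak' for short RSA, 'ok' for the rest
    ktype, bits = key_info(line)
    if ktype == "ssh-dss":
        return "replace"
    if ktype == "ssh-rsa" and bits < MIN_RSA_BITS:
        return "weak"
    if ktype in ("ssh-rsa", "ssh-ed25519") or ktype.startswith("ecdsa-sha2-nistp"):
        return "ok"
    return "unknown"

def make_key_line(ktype, *parts):  # constructed public-key line for tests, not a real key
    blob = _ssh_string(ktype.encode()) + b"".join(parts)
    return f"{ktype} {base64.b64encode(blob).decode()} constructed@example"

SAMPLE_KEYS = [  # constructed test data; the powers of two fix the bit sizes
    make_key_line("ssh-dss", *[_ssh_mpint(2**1023 + 1)] * 4),
    make_key_line("ssh-rsa", _ssh_mpint(65537), _ssh_mpint(2**1023 + 3)),
    make_key_line("ssh-rsa", _ssh_mpint(65537), _ssh_mpint(2**3071 + 1)),
    make_key_line("ssh-ed25519", _ssh_string(b"\x11" * 32)),
]
```

Running `assess` over each line of a real `~/.ssh/authorized_keys` gives a quick inventory of which keys the news item's advice applies to; the bit sizes come from the key blob itself, so no ssh-keygen call is needed.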