On Friday 04 of May 2012 21:41:25 Peter Lebbing wrote:
> On 04/05/12 20:54, Ali Lown wrote:
> > Might I point out that discussion is with respect to an 8k RSA SSH key
> > for SSH authentication, not for email. A 2 second delay during the
> > initialization of an SSH connection is not a problem.
>
> And here is precisely something interesting: 8k RSA is discussed as a method
> to keep messages confidential for decades. I haven't looked into it, but
> I'm under the impression RSA is used purely for authentication in SSH, not
> for key exchange[1]. What are you protecting decades against here? A server
> reusing a random challenge? That seems quite far-fetched.
>
> Oh, by the way, only the computational load for the client was discussed.
> There's also the server (although the public side of the computation is
> quicker than the private side). The server gets logins from potentially a
> lot of clients.
>
> Peter.
>
> [1] I get this impression because there is a configuration option for
> OpenSSH sshd that selects which key exchange methods to use, and they all
> have DH (Diffie-Hellman) in their name.

As far as I know, OpenSSH uses DH parameters of the same size as the RSA
keys: for 8k DH you need 8k RSA or (which is unmaintainable) manually force
use of 8k DH.

Regards,
-- 
Hubert Kario
QBS - Quality Business Software
02-656 Warszawa, ul. Ksawerów 30/85
tel. +48 (22) 646-61-51, 646-74-24
www.qbs.com.pl