>>>>> "Jari" == Jari Arkko <jari.ar...@piuha.net> writes:
    >> What is it that you don't understand? I will be happy to explain
    >> it to you.

    Jari> Thanks. I read the details, but I'm missing the big
    Jari> picture. I.e., some effort is required from the owner to
    Jari> create an address. By repeating that effort (2^59)/2 times,
    Jari> someone else is likely to hit the same key with a key pair
    Jari> that he or she controls, and an attack can be launched. What
    Jari> changes from RFC 3972 to your draft in this high-level
    Jari> analysis?

To repeat your analysis, in part so that *I* understand as well:

a) CGA is too expensive (generating new RSA) to calculate for nodes that
   want mobility and/or privacy.

yet:

b) finding a hash collision takes (2^59)/2 < effort to break RSA behind CGA.

So the expense of the CGA exceeds the (cryptographic) benefit.

(a) is a concern for nodes that are moving, not for web servers.
(b) makes CGA possibly uninteresting even for web servers.

--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------