Hello people, since all of you seem quite familiary with criptography and its tools I would like to ask u something.
I'm implementing a server/client application: the client has to collect data and send them to the server in a frame format (unidirectional connection). In any frame, I added a special field for digital signature (I'm not considering a PKI). Actually, I'm using the RSA signature mechanism (hash and sign paradigm) with a RSA-512 bit key and the SHA-256. The reason is that I need some speed and I don't wanna add too many bytes in my frame (with this set-up i'm only adding 64 bytes). Supposing that I'm sending 1000 messages every day The frame also presents a time field which represents when the frame was formatted and a sample count field which is repeated any second: this should be avoid a replay-attack. The man-in-the-middle attack, the integry and the non-repudation mechanism should be countered by the digital signature. I'm pretty sure that the weakness of all the mechanism is the key-length and I'd like to avoid the brute force attack or the worst birthday attack...so here's my questions. 1. For how many days can I use a 512-bit key? Should I worry first about the factorization problem or the fact that my adversary can recover the key from the messages I sent? Can someone explain them with any numerical examples? 2. Are there other attacks (or troubles) I should consider? Thanks in advance, Kirk -- View this message in context: http://old.nabble.com/about-the-security-of-a-tipical-client-server-application.-tp26259295p26259295.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
