Hi Kirk, > I'm pretty sure that the weakness of all the mechanism is the key-length and > I'd like to avoid the brute force attack or the worst birthday attack...so > here's my questions. There's no need to find collisions on the hash. The key is the weak point. Your attacker will factor N, change your message, then sign the altered message (using SHA-256).
> 1. For how many days can I use a 512-bit key? 0 > RSA-512 bit key and the SHA-256. The reason is that I need some > speed and I don't wanna add too many bytes in my frame > (with this set-up i'm only adding 64 bytes). Try an elliptic curve. It will be about 8-12 times faster than RSA, with a smaller signature. Since your using SHA-256, use P-256 or B-233. > Supposing that I'm sending 1000 messages every day :) Jeff On Sun, Nov 8, 2009 at 6:42 PM, Kirk81 <rigo_...@yahoo.it> wrote: > > Hello people, > > since all of you seem quite familiary with criptography and its tools I > would like to ask u something. > > I'm implementing a server/client application: the client has to collect data > and send them to the server in a frame format (unidirectional connection). > In any frame, I added a special field for digital signature (I'm not > considering a PKI). Actually, I'm using the RSA signature mechanism (hash > and sign paradigm) with a RSA-512 bit key and the SHA-256. The reason is > that I need some speed and I don't wanna add too many bytes in my frame > (with this set-up i'm only adding 64 bytes). > Supposing that I'm sending 1000 messages every day > > The frame also presents a time field which represents when the frame was > formatted and a sample count field which is repeated any second: this should > be avoid a replay-attack. > > The man-in-the-middle attack, the integry and the non-repudation mechanism > should be countered by the digital signature. > > I'm pretty sure that the weakness of all the mechanism is the key-length and > I'd like to avoid the brute force attack or the worst birthday attack...so > here's my questions. > > 1. For how many days can I use a 512-bit key? Should I worry first about the > factorization problem or the fact that my adversary can recover the key from > the messages I sent? Can someone explain them with any numerical examples? > > 2. Are there other attacks (or troubles) I should consider? > > Thanks in advance, > > Kirk > > [SNIP] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
