Jeffrey Walton-3 wrote: > >> I've already implemented the ECDSA scheme in my application: >> using SHA-1 and secp160k1. > In that case, consider using ECDSA. > What about RSA with a 704-bits key and the SHA-256?
Jeffrey Walton-3 wrote: > >> Is there any real implementation who can show me how much >> time someone need to factor 512-key? > See, for example, the RSA challenges (dated) and the prime pages > (http://primes.utm.edu/). UTM seems to keep the pages up to date. > Outside of that, search SiteSeer or ask over at sci.crypt. > Yep, thanks..i'm also looking on wiki the RSA challenge. I also found out that recently about a group's success in breaking the signature keys used for several Texas Instrument calculators. (http://www.schneier.com/blog/archives/2009/09/texas_instrumen.html) Jeffrey Walton-3 wrote: > >> So, should i worry about an attack on the SHA-1? > The security level has been reduced to somewhere around 2^50 (from an > ideal level of 2^80). See McDonald, Hawkes, and Pieprzyk's paper from > Eurocrypt 2009. I also agree with John Pierce's thinking: the threat > model should include either a well funded [agency|government], or a > distributed effort. > It is also point it out in the NIST Special Publication 800-107. Jeffrey Walton-3 wrote: > >> So, should i worry about an attack ... on the # of sent messages? > I don't believe so. I'd have to go to the HAC, but I believe the > number of messages under a key applies to encipherment and not > signatures. > > Also keep in mind that FIPS recommends/requires SHA-2, which means you > can drop to SHA-224 if the 1000 messages per day are placing too much > of a burden on your server. > i'm going to implement the ECDSA with SHA-256, (of course with a longer key than secp160k1). and i'm gonna have a look to the performace. Thanks -- View this message in context: http://old.nabble.com/about-the-security-of-a-tipical-client-server-application.-tp26259295p26272752.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
