"This destroyes the RSA cryptosystem" -accomplished mathematician from frankfurt university.

originally posted by: Arbitrageur
that doesn't necessarily mean that 1024 but RSA encryption is "destroyeeed".

4096 was the number back in my day. And, it was "destroyeeed". 256 was prevalent at the time. I've no doubt the number didn't matter much. The method of deciphering had been conclusively discovered. Might be someone found a new method to encrypt ... but, I never heard of it.

a reply to: Snarl
Source? Details?

Note that recently the original RSA algo is being deprecated by openSSH. I noticed this when I I updated a copy of Cygwin, and found that I had to add some config lines to the configure script to talk to older kit.

I suspect that other clients will follow the same route soon, and old RSA will follow old DSA into history.

This is an ongoing thing, which will cause lots of updates to browsers etc.

originally posted by: Snarl

originally posted by: Arbitrageur
that doesn't necessarily mean that 1024 but RSA encryption is "destroyeeed".

4096 was the number back in my day. And, it was "destroyeeed". 256 was prevalent at the time. I've no doubt the number didn't matter much. The method of deciphering had been conclusively discovered. Might be someone found a new method to encrypt ... but, I never heard of it.

Depending on when 'back in my day' was, it's likely that newer crypto systems have been developed since then.

The 4096 number, the bit size of the key, most definitely matters. For asymmetric crypto systems like RSA (if we can agree that's what we're discussing), the bigger the bit length, the larger the number space is of potential prime factors to form the key value, which determines how much computing power/how long it'll take to "brute force", i.e. scan through all possible key values and try them out. Note that increasing the bit length is actually an exponential growth in the potential key space (an increase of something like 2^(4096-1024)),
*not just a simple linear multiplication* of key strength.

For 256, that sounds more like the key size for a symmetric encryption algo or cryptographic hash, which has different uses and different evaluations of what a strong key is, than public key cryptography (RSA).

Are you possibly referring to some much older crypto system that the US military might have used back in the day? RSA was developed only back in the late 1970s, and wasn't really widely adopted till a bit after.

originally posted by: Darkstar2
Note that recently the original RSA algo is being deprecated by openSSH. I noticed this when I I updated a copy of Cygwin, and found that I had to add some config lines to the configure script to talk to older kit.

I suspect that other clients will follow the same route soon, and old RSA will follow old DSA into history.

This is an ongoing thing, which will cause lots of updates to browsers etc.

Yes, OpenSSH does try to maintain consistency with newer crypto systems to keep ahead of the security curve.

OpenSSH uses a variety of asymmetric, symmetric and hash algos in its operation. I do notice the deprecation of RSA for use in public key signatures at some point in the future, as you mention.

OpenSSH 8.3 Release Notes

What you might be referring to, for updating your config, would be the choice of symetric cipher algos that OpenSSH uses to encrypt the actual packets on the wire. There was not long ago a shift away from AES-CBC to AES-CTR as preferred ciphering algo.

originally posted by: SleeperHasAwakened
Note that increasing the bit length is actually an exponential growth in the potential key space (an increase of something like 2^(4096-1024)),
*not just a simple linear multiplication* of key strength.

For 256, that sounds more like the key size for a symmetric encryption algo or cryptographic hash, which has different uses and different evaluations of what a strong key is, than public key cryptography (RSA).

Yes, if we are talking RSA keys, 4096 seems pretty large. The 1024 RSA was recommended in something like 2002, and I still haven't seen any public information that it's been "destroyes", since as you posted earlier, the longest RSA length that's been "destroyes" publicly is 829 bits, rather short of 1024.

Also, in 2015 the recommended RSA key length was increased from 1024 to 2048, so 2048 should take a really long time to crack, except maybe not with a quantum computer, but those aren't quite up to the task yet. RSA says the 2048 RSA keys should be OK to use until maybe 2030, by which time another longer key or different encryption recommendation will have already replaced that.

originally posted by: Arbitrageur
a reply to: Snarl
Source?

It was a military project. The OIC got a star shortly after. That's about all the more I'm willing to say about it ... one of those projects where you have to be 'read on' just to participate/know.

Details?

They had a bunch of motherboards strung together with tape cable, i486 MPs, maxed out RAM (probably 8GBs/board). That was (by my estimate) half a million dollars worth of hardware in a single room. Later, they added some kind of fancy video cards to the mother boards and sped it up more.

Output was to a HDD and then turned over to analysts. What was saved was always text format. More interesting solutions after ... but, I was gone by then and shouldn't have even heard. Now ... I'm no computer whiz ... so what I saw might not fascinate a computer geek. There was a reason stuff was saved in text format. The scope of what was being 'listened to' and selectively recorded was mind boggling. And ... for the wow factor ... not all of it came from terrestrial sources.

a reply to: Snarl

Cool, thanks for sharing.

Definitely sounds like a 'brute force' code cracking operation to me, with that level of resources. However, it'd take likely 10s of thousands of years to brute force an RSA message with that computational power; nothing short of quantum processing has enough operations/sec to brute force 2048+ RSA keys.

I'm not familiar with encryption schemes for radio & traditional signal transmissions. I wonder if we used crypto systems from the public domain (NIST, etc) or just created our own "private" ciphers.

Sigint seems like it'd be a very interesting MOS. When I enlisted, the closest Army Reserve unit to where I lived in Central New York was a Combat Support Hospital (CASH), so I was locked into 91-series MOS back then. If I could go back in time and choose my MOS now, sigint would be near the top of the list.