[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: speaking of keys
>You only get about 80 bits of strength from a 1024-bit DH group. That
>seems insufficient for reasonable paranoids.
>
>Hilarie
Now I am really puzzled, given the recent messages from David Wagner
in which 160 bits of entropy was accorded to 1024-bit DH:
>"This objection has already been addressed on the list. Those 1024
>bits of Diffie-Hellman only have 160 bits of strength (160 bits of
>"computational entropy"), hence you're not reducing security by hashing
>it down to 160 bits.
>
>Indeed, in some sense you are improving security by hashing the 1024-bit
>Diffie-Hellman result down to a 160-bit security, just as Hugo's earlier
>note pointed out. Can I encourage you to re-read Hugo's earlier emails
>on this topic? I hope you will find them persuasive. (I certainly did.)"
What gives?
Steve