
Re: server security :: user accounts, ssh, passphrases, etc.



On Fri, Apr 04, 2008 at 02:43:58AM +0200, s. keeling wrote:
> Brian McKee <map@map-heb.com>:
> >  On 3-Apr-08, at 1:23 PM, Dave Sherohman wrote:
> > > Unless they take the time to successfully factor the
> > > public key,
> > 
> >  Can you expand on that sentence?  I'm not sure what you meant by it.
> 
> I imagine he means a brute force crack.  Got a supercomputer or
> botnet available?  Does the target use md5 passwords?  Good luck.

I do, but of a different (and much more difficult) type.

My (admittedly limited) understanding of public key crypto is that the
public and private key are connected by the relationship of two extremely
large prime numbers.  It is mathematically possible, then, to identify
those numbers by factoring the numeric value of the public key and then
use them to deduce the value of the private key.

In practice, any decent public key system will use large enough primes
that this is a "Got a supercomputer or a botnet and a good bit of time?"
case which makes brute-forcing an md5 password file look easy, but I
like to be complete and it is a conceivable avenue of attack, even
though it's thoroughly unfeasible to conduct unless/until there's a
major breakthrough in techniques for factoring very large numbers.  (Or
maybe an advance in quantum computing.  A lot of people seem to expect
that this sort of task will be easy for quantum processors, but I don't
know of it having ever been actually done.)

-- 
News aggregation meets world domination.  Can you see the fnews?
http://seethefnews.com/
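
Added example, not part of the original message: a textbook RSA sketch in Python showing the relationship described above, where the private exponent follows directly from the two primes, so recovering it from the public key alone comes down to factoring the modulus. The primes, exponent and function names are constructed for illustration; trial division is the naive method, and the best known classical algorithms are much faster yet still impractical at real key sizes.

```python
import math

def keypair_from_primes(p, q, e=17):
    """Textbook RSA key generation (no padding; toy sizes only)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)      # private exponent = e^-1 mod phi(n)
    return (n, e), d

def factor_by_trial_division(n):
    """Return (p, q) with p <= q by testing divisors up to sqrt(n)."""
    if n % 2 == 0:
        return 2, n // 2
    for cand in range(3, math.isqrt(n) + 1, 2):
        if n % cand == 0:
            return cand, n // cand
    raise ValueError("no nontrivial factor found")

def private_from_public(n, e):
    """Rebuild d from the public key alone, which requires factoring n."""
    p, q = factor_by_trial_division(n)
    return pow(e, -1, (p - 1) * (q - 1))

def worst_case_candidates(bits):
    """Odd divisors trial division may need for a modulus of `bits` bits."""
    return 2 ** (bits // 2 - 1)

if __name__ == "__main__":
    # Constructed toy key: two 16-bit primes give a 32-bit modulus.
    (n, e), d = keypair_from_primes(65521, 65537)
    assert private_from_public(n, e) == d
    msg = 123456789
    assert pow(pow(msg, e, n), d, n) == msg
    print(f"n={n}: d recovered after at most {worst_case_candidates(32)} divisions")
    # The same method against a 2048-bit modulus.
    print(f"2048-bit n: about 2^{worst_case_candidates(2048).bit_length() - 1} divisions")
```

The work grows with the square root of the modulus for this method, which is why the toy 32-bit key falls instantly while the same loop is out of reach for a 2048-bit key.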

