[Nix-dev] SECURITY: default SSH host keys are weak

Peter Simons simons at cryp.to
Sat Aug 24 11:42:15 CEST 2013


Hi Aristid,

 > Just how weak are they, and why?

1024 bit DSA keys are considered "weak" in the sense that someone might
be able to crack those if he or she is super motivated to do so and has
a couple of million dollars to spend. In other words, if you intend to
blow the whistle on some secret NSA spy program any time soon, then you
probably shouldn't use those keys to protect your communication.

1024 bit DSA is perfectly secure, however, to protect against attackers
other than crazy billionaires, organized crime, and government agencies.
Mounting a meaningful attack against a 1024 bit DSA key is just too
expensive to be feasible on a large scale.

Nonetheless, there is no reason to stick to 1024 bit DSA keys -- more
secure public key encryption schemes are readily available --, and if
you have the chance to upgrade your installation, then it's probably a
good idea to do it.

Take care,
Peter



More information about the nix-dev mailing list