On Wed, May 14, 2008 at 12:25:08PM +0100, Jon Dowland wrote: > Given that rainbow tables for vulnerable keys are > predicated on the size of the key, would you consider > randomizing the length of the host RSA key, to protect > against future exploits?
The client is told how long the host RSA key is, so I'm afraid all this would do would be to slow an attacker down slightly (a few hours of computation at most) and make it infeasible to ship blacklists such as we have been able to do this time for at least a reasonable subset of the affected keys. Thus, I don't think this is a good idea. Do you agree, given this rebuttal? (I don't know if you know the exact nature of the blacklist generation; at the moment I don't want to give out exploit code.) Regards, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
