Re: Does SSL use RSA keys? [L&P]

Sun, 5 Sep 1999 23:50:59 -0700 

Technically, 512-bit RSA isn't itself cracked, but a 512-bit public key
has been factored:

http://www.rsa.com/pressbox/html/990826.html

Do note it took some time...

Bryan


On Sep  6, 1999 13:21, Ben Nagy stated:
> Any crypto geeks out there?
> 
> What is the "512 bit RSA encryption module"? Has anyone seen this article?
> Michael - do you have a reference?
> 
> I'm not sure what the supposed implications of this are, but I'm pretty sure
> that if RSA had finally been compromised there would be many more people off
> their rice crispies than just people buying stamps on the Internet...
> 
> Before I get to the long bit, someone check me on this - does SSL provide
> PFS? What are the attacks against the key exchange? Does private key
> compromise lose you the game for sure?
> 
> Michael - here is some crypto primer...
> 
[...]
> 
> The moral of the story is: don't lose your private key.
> 
> Cheers,
> 
> Oh, and Boyd - I don't ever want to hear the phrases "impossible to break"
> or "trillion-trillion years" (in relation to crypto) again. ;)
> --
> Ben Nagy
> Network Consultant, CPM&S Group of Companies
> PGP Key ID: 0x1A86E304  Mobile: +61 414 411 520
> 
> 
> 
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, September 04, 1999 5:05 AM
> To: [EMAIL PROTECTED]
> Subject: Does SSL use RSA keys?
> 
> 
> To all that have a clue,
> 
> Please help clarify two points.  If this is a little off for this list,
> please excuse.  I know you folks out there know the answers.
> 
> Does SSL use RSA keys?
> 
> In SSL, is the key generated each time a browser initiates a session?
> Or if someone has the "crack" for a certain key, can they then decrypt
> all messages coded with that key?
> 
> What started all this?  An article I read said that the 512 bit RSA
> encryption module had been cracked.  The headline of the article said
> that "the standard used to encrypt financial transactions on the
> Internet is no longer secure."
> 
> My impression was that the RSA keys are used in PGP and a lot of VPN
> networks, and that the SSL keys are not the same.
> 
> Please clarify.
> 
> Thanks,
> Michael Sorbera
> Webmaster
> Randolph-Brooks Federal Credit Union
> 
> "In the land of the clueless, he who has half a clue is King!"
> 
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]

Reply via email to