[43186] in Cypherpunks
Re: PGP Comment feature weakens remailer security
daemon@ATHENA.MIT.EDU (Jon Lasser)
Thu Nov 9 15:57:46 1995
Date: Thu, 9 Nov 1995 15:21:46 -0500 (EST)
From: Jon Lasser <jlasser@rwd.goucher.edu>
To: "Perry E. Metzger" <perry@piermont.com>
Cc: Raph Levien <raph@cs.berkeley.edu>, Lance Cottrell <loki@obscura.com>,
cypherpunks@toad.com, stewarts@ix.netcom.com
In-Reply-To: <199511091413.JAA15288@jekyll.piermont.com>
On Thu, 9 Nov 1995, Perry E. Metzger wrote:
> > I agree entirely. That's why my PGP key at school is 382 bits. It's a
> > lot easier to compromise my machine than factor a 382 bit number.
>
> On the other hand, it costs nothing by most people's standards to use
> a 1024 bit key, so why not use one? I find that there is only a point
> in using low security for anything in particular when there is a
> perceivable cost to it -- if the cost is typing a different number
> while doing key generation, I don't see why one should suffer the
> tradeoff.
Actually, it makes a sort of sense; if I see a 384 bit PGP key, it
strikes me as insecure, and I really consider it; unless it says so on
the 1024 bit key, I wouldn't think about it much. It's useful as a human
identifier, assuming it's not the weakest link in the chain.
Jon
------------------------------------------------------------------------------
Jon Lasser <jlasser@rwd.goucher.edu> (410)494-3072
Visit my home page at http://www.goucher.edu/~jlasser/
You have a friend at the NSA: Big Brother is watching. Finger for PGP key.
