On 13 Aug 2015 09:00, Kristian Fiskerstrand wrote:

> On 08/13/2015 05:17 AM, Mike Frysinger wrote:
> > +Your best option is to generate new keys using newer types such as
> > rsa +or ecdsa or ed25519. RSA keys will give you the greatest
> > portability +with other clients/servers while ed25519 will get you
> > the best security +with OpenSSH (but requires recent versions of
> > client & server).
>
> Strictly speaking DSA/DSS is newer than RSA (FIPS-186-1 came in early
> 90's, RSA around since 70s, although the ElGamal signature scheme was
> around before that).

i'll rephrase:
-Your best option is to generate new keys using newer types such as rsa
+Your best option is to generate new keys using strong algos such as rsa
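Review bot: "strong algos" is informal for a news item shown to every user at sync time; "strong algorithms" (or "stronger key types") would read better in the `+` line. Replacing "newer" with "strong" does answer the objection quoted above (DSA postdates RSA, so age was never the distinguishing property), and the unchanged continuation "or ecdsa or ed25519" still lists the recommended `ssh-keygen -t` types, so no further wording change is needed there.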

> ECC gives a better performance on the same
> security level when comparing to DSA/RSA, however claiming better
> security in general isn't necessarily valid, Ed25519 is a signature
> scheme over Curve25519 which is a 256 bit curve generally considered
> to be 128 bit security level, roughly comparable to a 3072 bit RSA key.

using ed25519 allows you to build openssh w/USE=-ssl which does get you
better security due to the smaller attack surface. but the point of the
news item is to push people in the right direction w/out getting into a
dissertation on the nuances/details that people realistically won't grok
and won't make a difference to them. if they're experts/interested, it
should be easy to locate additional material (including the linked page).
-mike
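The practical follow-up to the news item text discussed in this thread is an inventory of which key types are still in use, so that `ssh-dss` keys can be regenerated as one of the recommended types. The following is an added example written for this page; it is not code from the thread, from the Gentoo news item, or from OpenSSH. It relies only on the documented `authorized_keys` line layout (optional options field, key type, base64 blob, comment); the sample file and its key blobs are constructed placeholders, not real keys.

```shell
#!/bin/sh
# Added example (not from the thread): list the key types present in an
# OpenSSH authorized_keys file and flag ssh-dss entries, which OpenSSH 7.0
# no longer accepts by default.

# audit_authorized_keys FILE
#   Prints one "STATUS<TAB>TYPE<TAB>COMMENT" line per key entry.
#   Returns 1 if at least one ssh-dss key was found, 0 otherwise.
audit_authorized_keys() {
    weak=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*) continue ;;   # skip blank lines and comments
        esac
        # An options field (e.g. no-pty,command="...") may precede the key
        # type, so take the first field that looks like an OpenSSH key type.
        keytype=$(printf '%s\n' "$line" | awk '{
            for (i = 1; i <= NF; i++)
                if ($i ~ /^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-nistp[0-9]+)$/) {
                    print $i; exit
                }
        }')
        comment=$(printf '%s\n' "$line" | awk '{ print $NF }')
        case "$keytype" in
            ssh-dss) printf 'WEAK\t%s\t%s\n' "$keytype" "$comment"; weak=1 ;;
            '')      printf 'UNKNOWN\t-\t%s\n' "$comment" ;;
            *)       printf 'OK\t%s\t%s\n' "$keytype" "$comment" ;;
        esac
    done < "$1"
    return $weak
}

# count_dss FILE -> number of ssh-dss entries in FILE (always exits 0)
count_dss() {
    audit_authorized_keys "$1" | awk '/^WEAK/ { n++ } END { print n + 0 }'
}

# Constructed sample authorized_keys; the base64 blobs are fake placeholders.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
# constructed sample authorized_keys (key blobs are not real keys)
ssh-rsa AAAAB3NzaC1yc2EFAKEBLOB== alice@laptop
ssh-dss AAAAB3NzaC1kc3MFAKEBLOB== bob@old-box
no-pty,command="/usr/bin/backup" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5FAKEBLOB backup@nas
ecdsa-sha2-nistp256 AAAAE2VjZHNhFAKEBLOB carol@desk
EOF

if audit_authorized_keys "$SAMPLE"; then
    echo "no ssh-dss keys found"
else
    echo "ssh-dss keys found: $(count_dss "$SAMPLE"); regenerate with ssh-keygen -t ed25519 (or rsa/ecdsa)"
fi
```

Run it against a real `~/.ssh/authorized_keys` by replacing `$SAMPLE` with that path; the non-zero return value lets the function double as a check in a provisioning or audit script, and the `UNKNOWN` status catches lines the pattern does not recognise rather than silently passing them.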