Is ssh not safe?
Brentley
brently at gmail.com
Sun Jul 25 01:51:07 UTC 2004
> I think SSH is safe enough with its encryption.( Of course everything can
> eventually be cracked )
I know it's not the same algorithm, but I want to point out that,
while yes, technically you're statement is accurate, realistically it
isn't...
If you had started at the dawn of time with a brute force crack of 128
bit AES encryption, you'd still not even be 20% done. :)
>From the FAQ found at NIST's website:
How secure is AES?
What is the chance that someone could use the "DES Cracker"-like
hardware to crack an AES key?
In the late 1990s, specialized "DES Cracker" machines were built that
could recover a DES key after a few hours. In other words, by trying
possible key values, the hardware could determine which key was used to
encrypt a message.
Assuming that one could build a machine that could recover a DES key in
a second (i.e., try 2^55 keys per second), then it would take that
machine approximately 149 thousand-billion (149 trillion) years to crack
a 128-bit AES key. To put that into perspective, the universe is
believed to be less than 20 billion years old.
Approximately how big are the AES key sizes?
The AES will specify three key sizes: 128, 192 and 256 bits. In decimal
terms, this means that there are approximately:
3.4 x 10^38 possible 128-bit keys;
6.2 x 10^57 possible 192-bit keys; and
1.1 x 10^77 possible 256-bit keys.
In comparison, DES keys are 56 bits long, which means there are
approximately
7.2 x 10^16 possible DES keys. Thus, there are on the order of 10^21
times more AES 128-bit keys than DES 56-bit keys.
http://www.nist.gov/public_affairs/releases/aesq&a.htm
More information about the users
mailing list