From: Datesfat Chicks on
Any URL's would be appreciated ...

If I set up a server for public key authentication (rather than password)
for an SSH shell, my understanding is that at connect time the server
generates a random message and hands it off to the client to request a
signature.

The client then signs it with the private key (on the client machine) and
sends the signature back to the server.

The server is able to verify (using the public key that it has) that the
signature is consistent with the private key paired with the public key.

The user is then logged on.

Here is my question: How big is the "signature"?

I assume it is at least on the order of 128 bits ... but maybe I'm wrong???

Thanks, Datesfat

From: Paul Rubin on
"Datesfat Chicks" <datesfat.chicks(a)gmail.com> writes:
> Any URL's would be appreciated ...

See http://tools.ietf.org/html/rfc4252#page-8 --
7. Public Key Authentication Method: "publickey"

> I assume it is at least on the order of 128 bits ... but maybe I'm wrong???

If it's an RSA signature, it's the same size as the RSA key, typically
1024 or 2048 bits these days. There is some other overhead in the
protocol as well (maybe a few dozen bytes).
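
An added example, not part of any post in this thread: it encodes and parses the "ssh-rsa" signature field as laid out in RFC 4253 section 6.6, and builds the data the client signs per RFC 4252 section 7, to show the size figures quoted above. The signature bytes, session identifier, user name and key blob are constructed placeholders, and the function names are hypothetical.

```python
import struct

SSH_MSG_USERAUTH_REQUEST = 50  # message number from RFC 4252

def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def read_string(buf: bytes, off: int):
    """Read one length-prefixed string, refusing lengths that overrun buf."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("string runs past end of buffer")
    return buf[off + 4:end], end

def encode_rsa_signature(sig: bytes) -> bytes:
    """Signature field: string "ssh-rsa", then string rsa_signature_blob."""
    return ssh_string(b"ssh-rsa") + ssh_string(sig)

def parse_signature(field: bytes):
    """Return (algorithm name, signature size in bits)."""
    name, off = read_string(field, 0)
    blob, off = read_string(field, off)
    if off != len(field):
        raise ValueError("trailing bytes after signature blob")
    return name.decode("ascii"), len(blob) * 8

def signed_data(session_id: bytes, user: bytes, key_blob: bytes) -> bytes:
    """What the client signs: session identifier plus the request fields."""
    return (ssh_string(session_id) + bytes([SSH_MSG_USERAUTH_REQUEST])
            + ssh_string(user) + ssh_string(b"ssh-connection")
            + ssh_string(b"publickey") + b"\x01"
            + ssh_string(b"ssh-rsa") + ssh_string(key_blob))

def signature_field_sizes(key_bits=(1024, 2048)):
    """Map key size -> (name, signature bits, field bytes, framing bytes)."""
    out = {}
    for bits in key_bits:
        placeholder = b"\xAA" * (bits // 8)  # constructed, not a real signature
        field = encode_rsa_signature(placeholder)
        name, sig_bits = parse_signature(field)
        out[bits] = (name, sig_bits, len(field), len(field) - bits // 8)
    return out

if __name__ == "__main__":
    for bits, row in signature_field_sizes().items():
        print(bits, row)
```

The framing around the raw signature is the same for every key size; the rest of the per-request overhead comes from the user name, service name and public key blob carried alongside it.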

From: Datesfat Chicks on
"Paul Rubin" <no.email(a)nospam.invalid> wrote in message
news:7xd3wrxim8.fsf(a)ruckus.brouhaha.com...
> "Datesfat Chicks" <datesfat.chicks(a)gmail.com> writes:
>> Any URL's would be appreciated ...
>
> See http://tools.ietf.org/html/rfc4252#page-8 --
> 7. Public Key Authentication Method: "publickey"
>
>> I assume it is at least on the order of 128 bits ... but maybe I'm
>> wrong???
>
> If it's an RSA signature, it's the same size as the RSA key, typically
> 1024 or 2048 bits these days. There is some other overhead in the
> protocol as well (maybe a few dozen bytes).

Thanks, Paul.

I have a small number of public keys listed as authorized, and I was curious
if hypothetically this increases the probability of a signature match by an
attacker.

I am aware of how large of a number 2^1024 is. I think there are on the
order of 2^260 electrons in the observable universe, and of course 2^1024 is
a much, much, much larger number.

I think the probabilities here are far lower than a supermodel phoning me
with an offer of marriage, followed by two airliner crashes in which I'm
uninjured, followed by being struck by lightning and surviving, followed by
being stung to death by bees, all in the same day.

OK, I have no concerns then that my multiple public keys make a difference
....

Datesfat