[cryptography] DKIM makes Wired

Peter Gutmann pgut001 at cs.auckland.ac.nz
Fri Oct 26 05:14:23 EDT 2012


Dave Crocker <dcrocker at bbiw.net> writes:

>> In summary, it turns out that what seems like half the world's DKIM users are
>> using toy keys as short as 384 bits.
>
>Since neither Wired nor CERT cited anyone's using 384-bit DKIM keys, I don't
>know where this assertion comes from.

  Harris found three classes of key lengths used by vulnerable domains - 384
  bits, 512 bits, and 768 bits.

  "A 384-bit key I can factor on my laptop in 24 hours," he says. "The 512-bit
  keys I can factor in about 72 hours using Amazon Web Services for $75. And I
  did do a number of those. Then there are the 768-bit keys. Those are not
  factorable by a normal person like me with my resources alone. But the
  government of Iran probably could, or a large group with sufficient
  computing resources could pull it off."

  - "How a Google Headhunter's E-Mail Unraveled a Massive Net Security Hole",
  Kim Zetter, Wired magazine.

Peter.
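
Added example, not part of the original post: a defender-side audit that reads the RSA modulus size out of a DKIM TXT record's p= tag and flags the key lengths discussed above. The 1024-bit floor (`MIN_BITS`), all function names and the sample records are assumptions of this example; the sample moduli are constructed placeholders, not real keys.

```python
import base64

MIN_BITS = 1024  # assumed policy floor; the 384/512/768-bit sizes quoted above fall below it

def _tlv(buf, pos):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def dkim_rsa_bits(txt_record):
    """Return the RSA modulus size in bits, or None for a revoked or non-RSA key."""
    tags = {k.strip(): "".join(v.split())  # drop folding whitespace inside values
            for k, _, v in (p.partition("=") for p in txt_record.split(";"))}
    if tags.get("k", "rsa") != "rsa" or not tags.get("p"):
        return None  # an empty p= tag marks a revoked key
    _, spki, _ = _tlv(base64.b64decode(tags["p"]), 0)  # SubjectPublicKeyInfo SEQUENCE
    _, _, pos = _tlv(spki, 0)                          # AlgorithmIdentifier, skipped
    tag, bitstr, _ = _tlv(spki, pos)                   # BIT STRING wrapping the key
    if tag != 0x03:
        raise ValueError("p= is not a SubjectPublicKeyInfo")
    _, rsa_key, _ = _tlv(bitstr[1:], 0)                # skip the unused-bits octet
    _, modulus, _ = _tlv(rsa_key, 0)                   # first INTEGER is n
    return int.from_bytes(modulus, "big").bit_length()

def _der(tag, body):
    """Encode one DER element (short or long length form); used only for sample data."""
    n = len(body)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def constructed_record(bits):
    """Build a DKIM record around a placeholder modulus of the given size (not a real key)."""
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")  # leading 0x00 keeps n positive
    rsa_key = _der(0x30, _der(0x02, n) + _der(0x02, b"\x01\x00\x01"))
    alg = bytes.fromhex("300d06092a864886f70d0101010500")  # rsaEncryption OID, NULL params
    spki = _der(0x30, alg + _der(0x03, b"\x00" + rsa_key))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()

def audit(records):
    """Map selector -> (bits, is_weak) for each DKIM TXT record; bits is None if revoked."""
    sizes = {sel: dkim_rsa_bits(txt) for sel, txt in records.items()}
    return {sel: (b, b is not None and b < MIN_BITS) for sel, b in sizes.items()}

if __name__ == "__main__":
    print(audit({f"sel{b}": constructed_record(b) for b in (384, 512, 768, 2048)}))
```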


