Subject: Re: really really obsolete etc/moduli in NetBSD
To: None <tech-security@netbsd.org>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-security
Date: 01/15/2005 16:08:05
On Sat, Jan 15, 2005 at 03:44:51PM -0500, William Allen Simpson wrote:
> 
> Nobody should trust relatively short primes for any length of time. 
> That's one of several reasons to change them regularly. 

I don't see how that actually addresses Charles' basic point: that unless
the moduli currently in use *are not prime*, they cannot be "cracked" in
any way that would reduce the security of the algorithms in which they are
used.

Changing moduli obviously does supply more targets for an adversary who
is trying to luck out and hit one that is not, in fact, prime -- but it
is not so clear to me whether this is a good thing or a bad thing.

If the two paragraphs above are not correct, perhaps you would be so
kind as to explain to me why, without reference to other related uses
of prime numbers in cryptography that are not directly germane, nor
the sort of unfortunate personal brawling that seems to be going on
between yourself and Charles.

-- 
 Thor Lancelot Simon	                                      tls@rek.tjls.com

"The inconsistency is startling, though admittedly, if consistency is to be
 abandoned or transcended, there is no problem."		- Noam Chomsky