[ssh] Generated Key are too weak #1464
Comments
|
Our team (Chelsy Lan/Shawn Lin/Alexander Manalad) is working on this |
Great. You are some of the students from CodeDays, aren't you? Much success on this task and don't hesitate to ask for help if you need any. |
|
Yes we're students from CodeDays :) |
|
Hi, I am part of the team who is currently working on this issue. We may have found a solution while we were checking out the files, but we want ask a few questions before committing to the solution.
|
|
I'd like to add some more facts to the discussion: RSA-2048 will become unacceptable by NIST recommendations in 2030, requiring longer keys again latest at that time. However, the German BSI (Federal Office for Information Security) recommends at least 3000 bits since 2023, both for RSA and DSA. See https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf?__blob=publicationFile&v=7, chapters 5.3.1 and 5.3.2. I don't mean to say that the German recommendation should affect everyone worldwide. But if there are multiple different recommendations, then taking the "most strict" requirement seems reasonable to me, given this is about cryptography. I would therefore recommend to increase both DSA and RSA key sizes to 3072.
No. Users don't know what effect that option has. Therefore they cannot make an informed choice. That's why we should take the decision for them, in a safe way. |
Agree on that, for that reason and to keep the UI and implementation simpler.
I would even suggest to go one step further and use 4096 bit for both, if possible. Or is there a disadvantage in longer keys, besides greater key files?
I haven't looked into the details on how it is implemented at the moment, but I assume that there is maybe one or maybe a few places where the 1024 is currently hard coded I it might be sufficient to change them to 4096. If there are multiple places I suggest to unify them to eventually have one constant for the key length in order to make further increases simpler in the future.
Ideally both would be increased. Btw. by pressing And the page https://github.com/eclipse-ide, should help you to set up an Eclipse workspace for the |
|
I'm fine with 4K instead of 3K.
Besides (neglectible) disk storage increase, the main drawback is more compute resources necessary on the server. I'm not sure if the numbers still fit current CPUs, but stackoverflow basically says: 40 times more CPU when going from RSA 1K to 4K: https://stackoverflow.com/questions/1569544/performance-of-rsa-based-on-keysize |
|
At best of course the keysize can be selected by the user somehow. |
This implementation allows to generate RSA keys with 4096 bits and DSA keys with 3072 bits. (DSA does not support 4096 bits or higher within the key algorithm) Originally generates 1024 bits for RSA and DSA keys. Fixes eclipse-platform#1464
@axmanalad, @ChelsyLan and the entire team, thank you for contributing a fix for this. |
This implementation allows to generate RSA keys with 4096 bits and DSA keys with 3072 bits. (DSA does not support 4096 bits or higher within the key algorithm) Originally generates 1024 bits for RSA and DSA keys. Fixes eclipse-platform#1464
Yes, I am interested and willing to making a follow-up change by making the key-size configurable. I am not sure about my team but I will let them know about it. |
If I go to Preferences > SSH > Key Management there is an option "Generate RSA key", this does (without an option to choose otherwise) generate a RSA-1024 key.
https://www.ssh.com/academy/ssh/keygen#choosing-an-algorithm-and-key-size says
The text was updated successfully, but these errors were encountered: