Re-using RSA1 keys as RSA
Dan Kaminsky
dan at doxpara.com
Sat Aug 23 07:27:21 EST 2003
Markus Friedl wrote:
>On Thu, Aug 21, 2003 at 09:10:13PM -0700, Frank Cusack wrote:
>
>
>>Is there a security issue with turning an RSA1 key into an RSA key? One
>>might want to do this, e.g., to move to protocol 2 without having to
>>update authorized_keys files.
>>
>>
>
>in protocol 1 rsa keys are used for encryption,
>in protocol 2 they are used for signatures.
>
>
Markus--
In protocol 2, the RSA public key verifies a signature, as in
protocol 1, a RSA public key encrypts a token. I'm not sure, but the
only difference between the two may very well be the source of the token
being operated upon -- SSHv1 has the client generate random data; SSHv2
has the server generate and hash it. Either way, client + pubkey
authenticates server + privkey.
I'm not saying it's safe to dual-purpose RSA; I'm just not entirely
sure I've seen evidence it's dangerous to multipurpose the same RSA
key. Have you seen any evidence to the contrary?
--Dan
More information about the openssh-unix-dev
mailing list