
In case anybody is wondering about whether the 512-bit number is big or small, it depends on whether it is a symmetric or asymmetric encryption technique. Always presume asymmetric encryption is 8x weaker than symmetric encryption.

DKIM is asymmetric. So a 512-bit DKIM equivalent symmetric hash would be 64 bits, which is long broken. Even 160-bit SHA1 is considered broken. A DKIM of roughly equivalent strength to a 512-bit SHA3 would be at least 4096 bits and still does not include SHA3's techniques for mitigating replay attacks.



DKIM is not an encryption algorithm. It is a standard for embedding and validating signatures in email headers.

Unfortunately DKIM only supports rsa-sha1 and rsa-sha256 signatures (https://datatracker.ietf.org/doc/html/rfc6376/#section-3.3). It'd be nice to see DKIM get revised to allow Ed25519 or similar signatures.


Ed25519-SHA256 support has existed for a while now.

https://datatracker.ietf.org/doc/html/rfc8463
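To make the two points above concrete (DKIM is a signature over selected headers and a body hash, not encryption, and RFC 8463 adds an ed25519-sha256 algorithm alongside rsa-sha256), here is an added Go example that signs and verifies a DKIM-style header with Ed25519 from the standard library. It is not code from the thread or from any DKIM implementation. It assumes a simplified "relaxed" header canonicalization, "simple" body canonicalization, a constructed sample message, and a fixed key seed; a real verifier would fetch the public key from the selector's `_domainkey` DNS record instead of holding it in memory. Per RFC 8463 the Ed25519 signature is computed over the SHA-256 digest of the header hash input.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"regexp"
	"strings"
)

// Constructed sample message (not from the thread).
var sampleHeaders = map[string]string{
	"From":    "alice@example.com",
	"To":      "bob@example.org",
	"Subject": "DKIM  is a signature,\tnot encryption",
}
var sampleBody = "Hello Bob,\r\nthis body is covered by the bh= tag.\r\n"

// Header fields covered by the signature, in h= order.
var signedHeaders = []string{"From", "To", "Subject"}

var wsRe = regexp.MustCompile(`[ \t]+`)

// relaxedHeader approximates RFC 6376 "relaxed" header canonicalization:
// lowercase the field name, collapse whitespace runs, trim, CRLF-terminate.
func relaxedHeader(name, value string) string {
	v := strings.TrimSpace(wsRe.ReplaceAllString(value, " "))
	return strings.ToLower(name) + ":" + v + "\r\n"
}

// bodyHash is the bh= tag: base64(SHA-256(body)) with "simple" body canonicalization.
func bodyHash(body string) string {
	sum := sha256.Sum256([]byte(body))
	return base64.StdEncoding.EncodeToString(sum[:])
}

// dkimHeaderValue renders the DKIM-Signature value; b is empty while hashing.
func dkimHeaderValue(domain, selector, bh, b string) string {
	return fmt.Sprintf("v=1; a=ed25519-sha256; c=relaxed/simple; d=%s; s=%s; h=%s; bh=%s; b=%s",
		domain, selector, strings.ToLower(strings.Join(signedHeaders, ":")), bh, b)
}

// headerHashInput is the data that gets hashed: the canonicalized signed headers
// followed by the DKIM-Signature header with an empty b= and no trailing CRLF.
func headerHashInput(headers map[string]string, dkimValue string) []byte {
	var sb strings.Builder
	for _, h := range signedHeaders {
		sb.WriteString(relaxedHeader(h, headers[h]))
	}
	sb.WriteString(strings.TrimSuffix(relaxedHeader("DKIM-Signature", dkimValue), "\r\n"))
	return []byte(sb.String())
}

// Sign returns the DKIM-Signature header value for the message.
func Sign(priv ed25519.PrivateKey, domain, selector string, headers map[string]string, body string) string {
	bh := bodyHash(body)
	unsigned := dkimHeaderValue(domain, selector, bh, "")
	digest := sha256.Sum256(headerHashInput(headers, unsigned)) // RFC 8463: sign the SHA-256 digest
	sig := ed25519.Sign(priv, digest[:])
	return dkimHeaderValue(domain, selector, bh, base64.StdEncoding.EncodeToString(sig))
}

// parseTags splits "k=v; k=v" into a map (values may themselves contain '=' padding).
func parseTags(v string) map[string]string {
	tags := map[string]string{}
	for _, part := range strings.Split(v, ";") {
		if kv := strings.SplitN(strings.TrimSpace(part), "=", 2); len(kv) == 2 {
			tags[kv[0]] = kv[1]
		}
	}
	return tags
}

// withEmptyB reproduces the header exactly as the signer hashed it (b= blanked).
func withEmptyB(v string) string {
	parts := strings.Split(v, ";")
	for i, p := range parts {
		if strings.HasPrefix(strings.TrimSpace(p), "b=") {
			parts[i] = " b="
		}
	}
	return strings.Join(parts, ";")
}

// Verify checks the body hash and the Ed25519 signature against the public key.
func Verify(pub ed25519.PublicKey, dkimValue string, headers map[string]string, body string) bool {
	tags := parseTags(dkimValue)
	if tags["a"] != "ed25519-sha256" || tags["bh"] != bodyHash(body) {
		return false // wrong algorithm or body was altered
	}
	sig, err := base64.StdEncoding.DecodeString(tags["b"])
	if err != nil {
		return false
	}
	digest := sha256.Sum256(headerHashInput(headers, withEmptyB(dkimValue)))
	return ed25519.Verify(pub, digest[:], sig)
}

// DemoKeys derives a key pair from a constructed, fixed seed (for the example only).
func DemoKeys() (ed25519.PrivateKey, ed25519.PublicKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x42}, ed25519.SeedSize))
	return priv, priv.Public().(ed25519.PublicKey)
}

func main() {
	priv, pub := DemoKeys()
	h := Sign(priv, "example.com", "sel1", sampleHeaders, sampleBody)
	fmt.Println("DKIM-Signature:", h)
	fmt.Println("verifies:", Verify(pub, h, sampleHeaders, sampleBody))
	fmt.Println("verifies after body edit:", Verify(pub, h, sampleHeaders, sampleBody+"P.S. changed\r\n"))
}
```

The verifier rejects a message if either the body hash or any covered header changes, which is all DKIM promises: integrity and domain attribution, with the headers and body still sent in the clear. A recipient that also accepts rsa-sha256 would branch on the a= tag and use the matching key type from the DNS record.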


Oh excellent. I didn't realize rfc6376 had been superseded.


Wikipedia says it is a correlation check based upon a public-key-based signature. How is that not a form of encryption? Google says encryption is a process that scrambles data into a secret code that can only be decoded with a unique digital key, which is exactly what public keys are for.


> Always presume asymmetric encryption is 8x weaker than symmetric encryption.

RSA encryption is 10x weaker than elliptic curve (224-bit ECC ~= 2048-bit RSA). Both are asymmetric.

Alternatively, asymmetric elliptic curve is as strong as AES symmetric encryption. But it's quantum-vulnerable, of course.



