|
|
|
|
|
|
by nullc
996 days ago
|
|
|
You'd have an argument if you were just talking about the DH key used for PFS, but the ID key is a long term secret, so breaking it has a radically payoff surface. Even when AES and ECC have similar security they have different behavior in terms of multi-target attacks and the curve for success probability vs computation invested are quite different. You're also not limited to use AES 128 with ssh, ChaCha20-Poly1305 is a nice choice. |
|
|