[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] Crypto and Primes
- To: <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: [Full-Disclosure] Crypto and Primes
- From: "Daniel Sichel" <daniels@xxxxxxxxxxxxxxxx>
- Date: Fri, 22 Oct 2004 14:31:28 -0700
> And if the problem of factoring large numbers into primes was indeed
>solved (this is probably what you meant), I think you'd very quickly
>see a complete replacement of crypto systems in use today by the
>governments with such security services.
Depending on how rigourous you are being, the large in large numbers is
a relative term. I know from talking to someone who has worked in for
real government crypto that there is enough storage space to create a
lookup db of a good chunk (if not all) of the PGP crypto keys in use for
common key sizes (512 and 1024). I doubt SSL is less vulnerable. I guess
there's force, brute force, and brute force with taxpayer dollars.
Also with cheapo Linux clusters I would think a determined hackmeister
could do a crack on large prime based crypto, whether that would be
computationally feasible in a relevant time frame, I don't know. I do
know my gut tells me SSL is cryptographically weak and I refuse to use
it in place of IPSEC.
Dan Sichel
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html