[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
weak point of PGP implementation
tcmay says:
----
With strong crypto, e.g., with 300 decimal digit moduli, the "costs"
of decryption by brute force could easily exceed the GNP/GDP of the
U.S.
...
bagged" the house, perhaps a simple pass phrase was used in lieu of
memorizing 300 digits, and so on.
----
I've been wondering about this. It seems as though the weak point of PGP
is one of three possible things:
1) RSA key length (a key length of 10 digits might be a good
target, but noone using pgp uses anything so absurdly small, so this can
be all but ruled out barring any huge jumps in factoring ..
2) 'conventional cryptography' used for encoding the secring.pgp
files, etc. What crypto, exactly, is used? How strong is it? If the NSA
knocked on the door and demanded your computer, would it try to crack your
key, or would it go directly for the secring.pgp file?
3) length/triviality of pass phrase. This is, I would think, the
weakest point mentioned yet. How long does the pass phrase have to be
until this point becomes as secure as the weaker of the above two? If all
bits of your passphrase were random, how long would an exhaustive search
take?
matt
Matt Thomlinson
University of Washington, Seattle, Washington.
Internet: [email protected] phone: (206) 528-5732
PGP 2.0 key availaible via email or finger [email protected]