[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security of PGP if Secret Key Available?
Mark M. wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> On Wed, 5 Jun 1996, Gary Howland wrote:
>
> > On Jun 3, 2:36, "Robert A. Hayden" wrote:
> > > However, I got to wondering about the security of PGP assuming somebody
> > > trying to read my PGPed stuff has my 1024-bit secret key. ie, if I have
> > > it on my personal computer, and somebody gets my secret key, how much
> > > less robust has PGP just become, and what are appropriate and reasonable
> > > steps to take to protect this weakness?
> >
> > If the secret key is available then an attacker knows the length
> > of p & q. Admittedly this will not usually help matters much,
> > but I still feel that the lengths of p and q should be encrypted
> > with the passphrase - perhaps in PGP3.0? (Derek?)
>
> I don't see how knowing the exact lengths of p and q will help matters much.
That's what I said. There are however a few cases where it may help.
Two that spring to mind are the brute force factoring of the
BlackNet key - this may have been faster if half of the potential
factors could have been ignored due to wrong key lengths (although I
suspect this depends upon the factoring algorithm), and the other
is that of identifying low quality keys with a small factor (perhaps
generated by low quality software).
> I don't think it will speed up the factoring time
Again, I would say this depends upon the factoring algorithm.
Gary
--
pub 1024/C001D00D 1996/01/22 Gary Howland <[email protected]>
Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06