Re: How to explain crypto?
At 01:50 PM 6/4/96 -0500, Declan wrote:
>For example, someone sent me this explanation:
> "The 1024 bit key is likely an RSA key, and is not comparable to a 40 bit
> symmetric key. From memory, 1024 bit RSA is about as hard to crack as 90
> bit symmetric."
>Is this a reasonable comparison?
It's probably close enough for anti-government work; the relative strength
depends a lot on whether you're using general-purpose computers or
custom crackerboxes, and on the state of the art in factoring technologies.
I'd be tempted to be verbose and say that public-key systems like RSA
use prime numbers for keys, so they need to be a lot longer than
secret-key algorithms like DES or RC4 which can use any number as a key but
need to keep it secret. You can double the cracking effort by adding
one bit to a secret key or about 10 to a public key.
500-bit public keys and 56-bit secret keys are about the limit of cracking
technology for organizations with a couple of million dollars spare for
supercomputers, which is your desktop in 5-10 years.
The NSA's Clipper Chip used 80-bit keys, which is about 20 years' protection
against people who can't use the built-in wiretap or bribe a cop to
get a warrant. One problem with these secret hardware designs is that you
usually can't tell if there's a back-door unless they tell you - or goof up
like they did with the Clipper's short checksum.
# Thanks; Bill
# Bill Stewart +1-415-442-2215 [email protected]
# http://www.idiom.com/~wcs
# Dispel Authority!
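
The comparison discussed in this message, worked through as an added example that is not part of the original post: it estimates the symmetric-key equivalent of an RSA modulus and how many modulus bits double the factoring work. It assumes the heuristic general number field sieve running time with the o(1) term dropped (the post names no factoring algorithm), so the figures are rough estimates under that formula only; all function names are hypothetical.

```python
import math

# Assumption: heuristic GNFS cost exp(c * (ln n)^(1/3) * (ln ln n)^(2/3)),
# c = (64/9)^(1/3), ignoring the o(1) term. Not taken from the post.
GNFS_C = (64 / 9) ** (1 / 3)


def gnfs_work_bits(modulus_bits: int) -> float:
    """log2 of the estimated factoring work for a modulus of this length."""
    if modulus_bits < 16:
        raise ValueError("asymptotic formula is meaningless for tiny moduli")
    ln_n = modulus_bits * math.log(2)
    nats = GNFS_C * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return nats / math.log(2)


def modulus_bits_for(symmetric_bits: float, lo: int = 16, hi: int = 1 << 20) -> int:
    """Smallest modulus length whose estimate reaches 2**symmetric_bits."""
    if gnfs_work_bits(hi) < symmetric_bits:
        raise ValueError("target exceeds the search range")
    while lo < hi:  # binary search; the estimate grows with modulus length
        mid = (lo + hi) // 2
        if gnfs_work_bits(mid) >= symmetric_bits:
            hi = mid
        else:
            lo = mid + 1
    return lo


def bits_to_double(modulus_bits: int) -> int:
    """Modulus bits that must be added to double the estimated work."""
    target = gnfs_work_bits(modulus_bits) + 1  # +1 bit of work = twice the effort
    return modulus_bits_for(target) - modulus_bits


if __name__ == "__main__":
    print("RSA bits  ~symmetric bits  bits added to double the work")
    for size in (512, 1024, 2048):
        print(f"{size:8d}  {gnfs_work_bits(size):15.1f}  {bits_to_double(size):8d}")
    # A symmetric key doubles the brute-force work with every added bit.
    for sym in (56, 80, 90):
        print(f"{sym}-bit symmetric ~ {modulus_bits_for(sym)}-bit modulus")
```

The cost of lengthening a public key is not constant: under this formula the number of modulus bits needed to double the work grows as the modulus gets longer.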