[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP Secure?

To: [email protected] (Jim McCoy)
Subject: Re: PGP Secure?
From: [email protected]
Date: Mon, 29 Mar 1993 12:00:05 -0500
Cc: [email protected]
In-Reply-To: <[email protected]>
References: <[email protected]><[email protected]>
Reply-To: [email protected]

Jim McCoy writes:
 > > Given a brute force attack on ciphertext encrypted with PGP2.2
                         ^^^^^^^^^^^^^^^^^^^^
 > > using the 1024 bit key, how many operations are required to
 > > hit on the session key...?
 > 	-If you did 1000 attempts to break a 1024 bit RSA key every second
 > 	and started your calculations at the beginning of the universe, you
 > 	would still have several trillion years to go.
 > 	-If you stored every attempted key in a single atom, you would run
 > 	out of atoms in the universe long before you ran out of keys.

Well, of course one doesn't have to break RSA to get the _session_ key,
it would be enough to break IDEA, which will automatically deliver
the key to you along with the cleartext. Again of course, it's
not obvious, why one might want that session key (:-).

 > What it boils down to is that anyone who tried a brute-force attack on your
 > RSA key is either very stupid or hopes to be very lucky.  (very, very, very
 > lucky)  .............

Sure... How about one, who simply knows how to improve
brute-force key-search attack on IDEA?  A possibility? (:-)

Regards,
Uri.
------------
<Disclaimer>

References:
- PGP Secure?
  - From: [email protected] (Shaen Bernhardt)
- Re: PGP Secure?
  - From: [email protected] (Jim McCoy)

Prev by Date: PGP: Improvements needed.
Next by Date: anonymous services
Prev by thread: Re: PGP Secure?
Next by thread: Re: PGP Secure?
Index(es):
- Date
- Thread