[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Silly technical question from a non-technical person
> If it costs $10,000 to crack one 40-bit key (putting aside whether we
> agree on that price or not), could not the software be designed in such a
> manner that it is able to check, say, 10,000 keys at the same time? Ie,
> it computes a key, and then checks it against the array of data to see if
> it fits any of them, and then goes on to the next one.
Hmm yes and no.
- For pure RC4-40 yes.
- For export SSL no. It has what is effectively an 88 bit salt
(familiar with unix password salts? like that only 88 bits).
- For full 128 bit SSL, yes, but 128 bits is a rather large even if
you have a few million keys to try at once with speed up gains.
2^128 is a biiig number.
- For DES I think so, asked for others opinions, this might be the
next one to die, big project but possibly doable with lots of keys