[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Total RSA in PGP
This was discussed about a year ago! It is a bad idea to do this for
a couple reasons. First of all, RSA can only encrypt a block of data
the same size as the key. So, for example, if you encrypt a message
to me using my key, it RSA-encrypts in blocks of 709 bits! Second,
there is no cypher-chaining, so the encryption from one block doesn't
affect the encryption of the next. It is possible to do something
like this, but I sure wouldn't want to do it.
As for the time, lets say you have a 10K message (not unreasonable,
although thats a fairly long email message ;-), and you are encrypting
it in a 512-bit key. Well, 512 bits is 64 bytes, so you are
encrypting 10K bytes 64 bytes at a time (or 160 blocks). Each 64-byte
block takes a few seconds, lets just say one second (its a little
faster on some system, and a lot slower on others!) This means you
are spending 160 seconds, or almost THREE MINUTES, to encrypt this 10K
Personally, I don't think that the extra security that you may (or may
not: you now have a massive plain-text attack, although I don't know
how you can really use it) get is worth the 2 extra orders of
magnitude of time it takes to encrypt the data!
As for adding this as a feature to PGP. It's *not* going to happen.