[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Signature 2



Hi,

> Assumption 1 : a privacy key can become uncrackable.
> Assumption 2 : an individual signature can become immune to fraud.
> Posit : fuse the two together so that pseudonyms/aliases/online names ensure 
> 		complete privacy, but ensure that you talk to the same person
> 		everytime.  
> Probably proposed already.

Unforutnately both of your assumptions are wrong.  A key cannot be
100% uncrackable, and a signature cannot be 100% immune to fraud.
With electronic security, there is always a chance that a key can be
cracked or a signature forged.  The question is how hard is it to
crack the key or forge the signature?  You need to balance the
security with the price.

For example, a 1024-bit RSA key cannot be cracked, today, in a
reasonable amount of time.  However it is unclear how long that will
last.  Look at RSA-129; in 1977 Ron Rivest said it would take 40
quadrillion years to break the key.  In 1993-4 it took 8 months (5000
MIPS-years).

A key has a limited size, therefore it is theoretically possible to
try every single key (this is called brute-force).  Therefore it is
impossible to have 100% uncrackable keys.  Singatures have the same
problem.

Enjoy!

-derek