[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Signature 2

To: "Charles Choi (SAR)" <[email protected]>
Subject: Re: Signature 2
From: Derek Atkins <[email protected]>
Date: Tue, 05 Mar 1996 21:18:19 EST
Cc: [email protected], [email protected]
In-Reply-To: Your message of "Tue, 05 Mar 1996 20:26:25 EST." <Pine.SUN.3.91.960305202130.11469B-100000@virtu>
Sender: [email protected]

Hi,

> Assumption 1 : a privacy key can become uncrackable.
> Assumption 2 : an individual signature can become immune to fraud.
> Posit : fuse the two together so that pseudonyms/aliases/online names ensure 
> 		complete privacy, but ensure that you talk to the same person
> 		everytime.  
> Probably proposed already.

Unforutnately both of your assumptions are wrong.  A key cannot be
100% uncrackable, and a signature cannot be 100% immune to fraud.
With electronic security, there is always a chance that a key can be
cracked or a signature forged.  The question is how hard is it to
crack the key or forge the signature?  You need to balance the
security with the price.

For example, a 1024-bit RSA key cannot be cracked, today, in a
reasonable amount of time.  However it is unclear how long that will
last.  Look at RSA-129; in 1977 Ron Rivest said it would take 40
quadrillion years to break the key.  In 1993-4 it took 8 months (5000
MIPS-years).

A key has a limited size, therefore it is theoretically possible to
try every single key (this is called brute-force).  Therefore it is
impossible to have 100% uncrackable keys.  Singatures have the same
problem.

Enjoy!

-derek

References:
- Signature 2
  - From: "Charles Choi (SAR)" <[email protected]>

Prev by Date: Re: Truelly Random Numbers
Next by Date: Re: (Fwd) Gov't run anon servers
Prev by thread: Signature 2
Next by thread: Re: art-stego
Index(es):
- Date
- Thread