Re: Encryption
Re: Encryption
- Subject: Re: Encryption
- From: Shawn Erickson <email@hidden>
- Date: Thu, 1 Jan 2004 17:50:41 -0800
On Jan 1, 2004, at 4:20 PM, Robert Tito wrote:
Hello Nicko,
While 128 bits encryption is pretty safe when used in transactions
that last
1-3 seconds its not when using corporate e-mail
Please read the most recent proceedings in the scientific literature
that
proves what I am saying.
regards
On 2-1-2004 0:46, "Nicko van Someren" <email@hidden> wrote:
On 1 Jan 2004, at 23:00, Robert Tito wrote:
How well meant your advice is, and a happy new year to you, it doesnt
give
you status 4 in encryption, meaning top secret government level. It
takes a
mere 15-20 minutes to crack any single 128 bits engine so I think you
have
either NO knowledge about encryption and or forensic research.
Verisign for
instance is one of the least safest way to encrypt: the man in the
middle is
always possible, how hard they try to prevent it.
Believe me, we have an engine that will take you 1 over 10^1256
attempts to
crack: good luck.
128 bits is cracked in no time at all.
That's odd. I've spent half my professional life as the CTO of an
major publicly traded encryption company and somehow I had never
noticed that all the published cryptographic research in the world is
wrong and you're right...
To date the largest symmetric encryption key publicly broken by brute
force is a 64 bit RC5 key. It took a distributed effort of thousands
of computers most of a year to do so. Breaking a 128 bit key is 2^64
time, or about 18.4 million million million times harder. While
conspiracy theorists might think that this is breakable by the spooks
the vast majority of opinion is that this is sufficient for most
applications.
I know this is basic information for Nicko because I know something
about his background and yield to his knowledge on this (very likely
far far better then mine).
Anyway I believe you are talking about two different styles of
encryption... Nicko is talking about symmetric ones and Robert is
possibly talking about asymmetric ones?
For symmetric schemes (AES/Rijndael, DES, DESede/TripleDES, , etc.)
much shorter keys length can yield very strong encryption while longer
keys, sometimes much longer, are need in the asymmetric realm (RSA,
etc.).
For example AES uses keys from 128b to 256b in length with 192b
generally the most common currently (I believe Apple's file vault use
AES-192).
Anyway if we talk about AES... for a 128b key that yields a key space
of about 3.4x10^38 keys. So to brute force that in 20 minutes as you
state, assuming you only have to cover half of the key space, you would
have to process about 1.42x10^35 keys per second. That is obviously not
currently possible given that fastest computers in the world perform
only 1x10^14 operations per second or so (not cyper/key runs a second).
You get very interesting, as in large, numbers when you attempt figure
out how much power as in electrical it would take to brute force such
large key spaces given current technology.
To my knowledge no announced way exists to attack AES that doesn't take
longer then brute forcing it. Of course the human, who generally
generates such keys, is the big weakness in this...
Robert, can you reference such information if you know it? Also I would
be interested in knowing what 128b encryption/engine you are talking
about that can be broken in 20 minutes (or was is it 3 seconds?) and
what system yields a key space (assuming that was your meaning) of
1x10^1256, which is very likely more, far more, keys then particles
(not atoms but particles) in the known universe. How long does that
sucker take to run a cycle? It sounds a little over kill to me...
-Shawn
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.