Cryptography-Digest Digest #43, Volume #14 Fri, 30 Mar 01 11:13:00 EST
Contents:
Re: Support for 1536 bit RSA keys? ("Tom St Denis")
Re: Support for 1536 bit RSA keys? ("Tom St Denis")
Re: Support for 1536 bit RSA keys? (SCOTT19U.ZIP_GUY)
Re: Support for 1536 bit RSA keys? (SCOTT19U.ZIP_GUY)
Re: Support for 1536 bit RSA keys? ("Tom St Denis")
One of the great threats to Finland are those businessmen whom I have met and who
are trying to transfer production etc. to other nations ... such as Mexico
([EMAIL PROTECTED])
Re: diffie hellman ("Henrick Hellström")
Re: diffie hellman (SCOTT19U.ZIP_GUY)
Re: Support for 1536 bit RSA keys? ("Simon Hunt")
Re: Support for 1536 bit RSA keys? ("Simon Hunt")
Re: Support for 1536 bit RSA keys? ("Simon Hunt")
Re: Support for 1536 bit RSA keys? (Erwann ABALEA)
Re: Support for 1536 bit RSA keys? (SCOTT19U.ZIP_GUY)
----------------------------------------------------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Support for 1536 bit RSA keys?
Date: Fri, 30 Mar 2001 14:53:58 GMT
"Sam Simpson" <[EMAIL PROTECTED]> wrote in message
news:VA0x6.3006$[EMAIL PROTECTED]...
> Tom St Denis <[EMAIL PROTECTED]> wrote in message
> news:3s0x6.164060$[EMAIL PROTECTED]...
> >
> > "Sam Simpson" <[EMAIL PROTECTED]> wrote in message
> > news:nk0x6.2980$[EMAIL PROTECTED]...
> > >
> > > Tom St Denis <[EMAIL PROTECTED]> wrote in message
> > > news:yg0x6.164037$[EMAIL PROTECTED]...
> > > >
> > > > "Sam Simpson" <[EMAIL PROTECTED]> wrote in message
> > > > news:650x6.2958$[EMAIL PROTECTED]...
> > > > > > > This is very misleading. My computer idles about 80% of the day, but any
> > > > > > > idle task gets 100% of a 1.2ghz computer. So saying "it was done in idle
> > > > > > > time" is misleading since most of the time the task gets the entire
> > > > > > > processor...
> > > > > >
> > > > > > That's exactly the same as I said above: It's using your IDLE time.
> > > > >
> > > > > That's like saying "amazingly he travelled the distance and kept the car in
> > > > > 1st gear" when 1st gear can reach 200mph....
> > > >
> > > > So what? The statement is factually correct....I don't understand what your
> > > > argument is.
> > >
> > > My problem is that it's misleading.
> >
> > ok, I think this is where we disagree.
> >
> > > The task didn't work using a fraction
> > > of the cpu time.
> >
> > I assure you that it did. (My background is in computer science, crypto is
> > a hobby...)
> >
> > > It used pretty much all of it!
> >
> > The fraction 99/100 is still a fraction.
> >
> > > Saying "factoring done in
> > > idle time" means "factoring done using a fraction of my cpu time" to me...
> > > what does it mean to you?
> >
> > The original quote: "It is of interest to note that Rivest predicted that a
> > 129-bit factorization would take 40-quadrillion years whereas in reality it
> > took just 8 months
> > using idle cycles on computers around the globe ."
> >
> > It means that, when the CPU's weren't engaged in 'proper work' (e.g. word
> > processing, web serving, sending faxes, whatever), it is used to run a
> > process that works on the factoring problem.
You're still missing the point. Saying "idle time" makes it seem like it
wasn't a lot. Like if I say wanna help me in your "spare time" at work you
will say "nope too busy". Similar line of thinking. Idle time on 500+mhz
machines is actually quite a bit.
They really should have said "factoring done on machines using a significant
portion of their cpu time". It's generally more accurate and less
misleading.
Tom
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Support for 1536 bit RSA keys?
Date: Fri, 30 Mar 2001 14:55:11 GMT
"Sam Simpson" <[EMAIL PROTECTED]> wrote in message
news:9D0x6.3011$[EMAIL PROTECTED]...
> Tom St Denis <[EMAIL PROTECTED]> wrote in message
> news:tu0x6.164064$[EMAIL PROTECTED]...
>
> <SNIP>
>
> > If we can't factor 768-bit keys are 2048-bit ones better?
>
> To quote Schneier again: "If 512-bit keys are insecure today, they were just
> as insecure last month. Anyone implementing RSA should have moved to
> 1028-bit keys years ago, and should be thinking about 2048-bit keys today.
> It's tiring when people don't listen to cryptographers when they say that
> something is insecure, waiting instead for someone to actually demonstrate
> the insecurity."
>
> Or, to paraphrase: Tom *listen* to cryptographers.
This line of thinking is inherently flawed. 1024 bit keys will be insecure
10 years from now (just assume) so that means they are insecure now?
Tom
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Support for 1536 bit RSA keys?
Date: 30 Mar 2001 14:46:28 GMT
[EMAIL PROTECTED] wrote in <Ne_w6.1530$[EMAIL PROTECTED]>:
>Thanks for reading this.
>
>I am trying to assess cryptographic toolkit, certificate generation
>software, certificate validation software vendor support for 1536-bit
>RSA keys.
>
>I expect good support for 1024-bit and 2048-bit keys as they are
>"standard" key lengths. Should I expect such good support for 1536-bit
>keys?
>
I guess they don't want to answer you. But YES, most systems that
support 2048-bit systems should support anything smaller.
But I for one think you should use the largest key possible.
I am curious about why you asked about a 1536-bit key. Are you rolling
your own key? If so, since picking a strong key is so critical if you're
doing your own, you should write your own RSA-like routines for the
key handling, unless you're concerned about sending files to someone
using a regular commercial product, which in most cases should handle
the key if you use the standard formats.
>Any idea of how I could find evidence of vendor support for such key
>lengths? I have checked a number of vendor web sites but I haven't
>really found any relevant information.
PGP lets you generate various size keys; look in the manual.
>
>Thanks a lot in advance for any help.
>
>texica
>
>
David A. Scott
--
SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE "OLD VERSIOM"
http://www.jim.com/jamesd/Kong/scott19u.zip
Scott famous encryption website **now all allowed**
http://members.nbci.com/ecil/index.htm
Scott LATEST UPDATED sources for scott*u.zip
http://radiusnet.net/crypto/archive/scott/
Scott famous Compression Page
http://members.nbci.com/ecil/compress.htm
**NOTE FOR EMAIL drop the roman "five" ***
A final thought from President Bill: "The road to tyranny,
we must never forget, begins with the destruction of the truth."
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Support for 1536 bit RSA keys?
Date: 30 Mar 2001 14:54:52 GMT
[EMAIL PROTECTED] (Sam Simpson) wrote in
<9D0x6.3011$[EMAIL PROTECTED]>:
>Tom St Denis <[EMAIL PROTECTED]> wrote in message
>news:tu0x6.164064$[EMAIL PROTECTED]...
>
><SNIP>
>
>> If we can't factor 768-bit keys are 2048-bit ones better?
>
>To quote Schneier again: "If 512-bit keys are insecure today, they were
>just as insecure last month. Anyone implementing RSA should have moved
>to 1028-bit keys years ago, and should be thinking about 2048-bit keys
>today. It's tiring when people don't listen to cryptographers when they
>say that something is insecure, waiting instead for someone to actually
>demonstrate the insecurity."
>
>Or, to paraphrase: Tom *listen* to cryptographers.
>
>
>--
>Regards,
>
>Sam
>http://www.scramdisk.clara.net/
>
I think one problem with TOM is he read a few years ago that
PGP was safe till the sun burned out with a certain size key.
Once he gets it locked into his mind, it is very hard to get him
to understand that factoring gets better every day. Or maybe
he is still pissed twofish did not win AES since he thinks it's
better. He did listen to noted cryptographers a few years ago
and took it as truth. He just can't get it through his head they
are human and make big mistakes as does everyone else. He
should learn to accept that even bigger keys will be needed in a
few years.
David A. Scott
------------------------------
From: "Tom St Denis" <[EMAIL PROTECTED]>
Subject: Re: Support for 1536 bit RSA keys?
Date: Fri, 30 Mar 2001 14:59:25 GMT
"SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Sam Simpson) wrote in
> <9D0x6.3011$[EMAIL PROTECTED]>:
>
> >Tom St Denis <[EMAIL PROTECTED]> wrote in message
> >news:tu0x6.164064$[EMAIL PROTECTED]...
> >
> ><SNIP>
> >
> >> If we can't factor 768-bit keys are 2048-bit ones better?
> >
> >To quote Schneier again: "If 512-bit keys are insecure today, they were
> >just as insecure last month. Anyone implementing RSA should have moved
> >to 1028-bit keys years ago, and should be thinking about 2048-bit keys
> >today. It's tiring when people don't listen to cryptographers when they
> >say that something is insecure, waiting instead for someone to actually
> >demonstrate the insecurity."
> >
> >Or, to paraphrase: Tom *listen* to cryptographers.
> >
> >
> >--
> >Regards,
> >
> >Sam
> >http://www.scramdisk.clara.net/
> >
>
> I think one problem with TOM is he read a few years ago that
> PGP was safe till the sun burned out with a certain size key.
> Once he gets it locked into his mind, it is very hard to get him
> to understand that factoring gets better every day. Or maybe
> he is still pissed twofish did not win AES since he thinks it's
> better. He did listen to noted cryptographers a few years ago
> and took it as truth. He just can't get it through his head they
> are human and make big mistakes as does everyone else. He
> should learn to accept that even bigger keys will be needed in a
> few years.
The last big breakthrough in factoring was what 15 years ago? (NFS). Whoopy.
A lot of advances in factoring are due to technological harnessing not actual
algorithmic improvements (there have been some but not significantly afaik).
Ok smart arse try to factor this
N =
8839143726083845882125258976826768843086739488346772188855474234625194373213
0105906947037364319682243662953343134511945326982617559556366461785240346
27609
If you can factor this 512-bit number within 5 years I will give you 100$.
If you cannot I will assume you don't know what you are talking about.
Tom
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.2600,comp.security,alt.security
Subject: One of the great threats to Finland are those businessmen whom I have met and
who are trying to transfer production etc. to other nations ... such as Mexico
Date: 30 Mar 2001 14:50:27 GMT
There are several people like that ... in Atlanta I met many of them .. they
transfer productions and other activities to Mexico and other nations like
that ... actually the U.S.A. citizen were taking many jobs from Finns in
Finland by doing this production and technology transfer to Mexico ..I
witnessed it by myself in 1990s and in Ahlstrom Corp .... when I talked
against these people, some Finns attacked me ... these were those business
men who wanted me to stop talking .... well guess what not it is the time of
"VIIKATEMIES" ... Angel of Death ... it is the Harvest Festival to harvest
those who have reached their highs in their process of searching for the
truth ... it is to evaluate their real value and truth ...
Make in Miami..... also known as a Satan ....
P.S. Every morning I wake up to the sound of a blower that is used by a
Mexican in Miami .. it is just symbolic ...
P.S. And let me tell the truth ..in 1991 I was told that people are just
thinking what is good for themselves ... meaning a person is doing something
that is good for that one person .. this was after I had complained about the
U.S.people etc. and tried to help Finland and the society of Finland ... it
was so unfortunate that these were Finns who said these things to me ... well
it is the time of Viikatemies .... the Harvest Festival for those who have
been hurt ....
----- Posted via NewsOne.Net: Free (anonymous) Usenet News via the Web -----
http://newsone.net/ -- Free reading and anonymous posting to 60,000+ groups
NewsOne.Net prohibits users from posting spam. If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]
------------------------------
From: "Henrick Hellström" <[EMAIL PROTECTED]>
Subject: Re: diffie hellman
Date: Fri, 30 Mar 2001 17:07:54 +0200
Use the formula a = 2**x mod p. x is the ephemeral private key. a is the
ephemeral public key. You should use a secure (P)RNG to generate x.
The other party generates y, calculates b = 2**y mod p and transmits b to
you. You calculate K = b**x mod p. The other party calculates K = a**x mod
p. K (or the hash value of K) is the shared session key.
By using 2, you may substitute all multi precision multiplications for shift
left operations. There is little to gain by using 3 as the generator.
No, you don't really reduce security by using 2 as the generator. Suppose
you use some other generator g instead. Then there is a number c such that g
= 2**c mod p. Let c' be the number such that c'c = 1 (mod (p-1)). That would
give you a = g**(c'x) mod p, b = g**(c'y) mod p, K = g**(c'xy) mod p, and
your ephemeral private keys would in this case be x' = c'x mod (p-1), y' =
c'y mod (p-1). If the attacker would be able to calculate x and y if 2 was
used, then the attacker would most certainly be equally able to calculate c
and hence x' and y' if g was used.
However, you might reduce security by using a hardcoded prime p, in
particular if the PRNG you use to generate the ephemeral private keys is
slightly biased.
The major problem with Diffie-Hellman is however the risk of
man-in-the-middle attacks. I personally prefer SRP (in a password security
based system) or MTI/C0 (in a long-term public key based system).
--
Henrick Hellström [EMAIL PROTECTED]
StreamSec HB http://www.streamsec.com
"Brian D Jonas" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>
>
> I am attempting to understand the diffie hellman key exchange.
> (attempting implies lack of experience with crypto)
> So we have a=3^p mod m . P should be a LARGE RANDOM Sophie Germain prime say
> 1024bits . My question is this. In software can I hardcode the 3 and the
> m ? m being a random 448bit number ? By having 3 set in stone, and m set
> in stone, have I reduced the security ? I say m to be 448bits because the
> resulting key will be used in blowfish which maxes out at 448bits.
> Therefore, anyone else using the same program would only need (a) as my
> public key, since 3 and m would be hardcoded in their copy of the software
> as well. Is this ok ?
>
> Any feedback/explanations would be appreciated.
>
>
> Brian Jonas
>
>
>
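
The exchange Henrick Hellström describes, with generator 2, an ephemeral private key from a secure RNG and a hashed K, together with a numeric check of his change-of-generator argument, as an added example that is not part of the original posts. The 256-bit demonstration prime (searched for at run time), the SHA-512 truncation to 448 bits and all function names are assumptions of this sketch; a deployed system would use a vetted group of 2048 bits or more.

```python
import hashlib
import secrets
from math import gcd

_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n):
    """Miller-Rabin with fixed bases: fine for this demo, not for hostile input."""
    if n < 2:
        return False
    for b in _BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for b in _BASES:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def find_safe_prime(bits):
    """First p >= 2**(bits-1) with p and (p-1)/2 prime and p % 8 == 3.
    p % 8 == 3 makes 2 a quadratic non-residue, so 2 generates all of Z_p*."""
    p = 2 ** (bits - 1) + 3
    while not (is_probable_prime((p - 1) // 2) and is_probable_prime(p)):
        p += 8
    return p

def keypair(p, g=2):
    """Ephemeral private x in [2, p-2] from the OS CSPRNG, public g**x mod p."""
    x = secrets.randbelow(p - 3) + 2
    return x, pow(g, x, p)

def check_public(p, value):
    """Reject 0, 1, p-1 and out-of-range values before exponentiating."""
    if not 2 <= value <= p - 2:
        raise ValueError("peer public value out of range")
    return value

def session_key(p, own_private, peer_public, nbytes=56):
    """K = peer**own mod p, hashed down to 448 bits (Blowfish's maximum key)."""
    k = pow(check_public(p, peer_public), own_private, p)
    raw = k.to_bytes((p.bit_length() + 7) // 8, "big")
    return hashlib.sha512(raw).digest()[:nbytes]

def translate_private(p, c, x):
    """For g = 2**c mod p with gcd(c, p-1) == 1, return x' with g**x' == 2**x."""
    c_inv = pow(c, -1, p - 1)      # the c' of the post: c' * c = 1 (mod p-1)
    return (c_inv * x) % (p - 1)

def demo(bits=256):
    p = find_safe_prime(bits)
    x, a = keypair(p)              # our side: a = 2**x mod p
    y, b = keypair(p)              # other party: b = 2**y mod p
    k_ours = session_key(p, x, b)
    k_theirs = session_key(p, y, a)
    # Any other generator is g = 2**c with c invertible mod p-1.
    c = secrets.randbelow(p - 3) + 2
    while gcd(c, p - 1) != 1:
        c = secrets.randbelow(p - 3) + 2
    g = pow(2, c, p)
    x_g = translate_private(p, c, x)   # same public value a, expressed base g
    return {"p": p, "a": a, "g": g, "x_g": x_g,
            "k_ours": k_ours, "k_theirs": k_theirs}

if __name__ == "__main__":
    r = demo()
    print("p bits     :", r["p"].bit_length())
    print("keys match :", r["k_ours"] == r["k_theirs"])
    print("g**x' == a :", pow(r["g"], r["x_g"], r["p"]) == r["a"])
```

The range check in `check_public` does nothing against the man-in-the-middle risk raised in the post; that needs an authenticated exchange such as the protocols he names.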
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: diffie hellman
Date: 30 Mar 2001 15:04:15 GMT
[EMAIL PROTECTED] (Brian D Jonas) wrote in
<[EMAIL PROTECTED]>:
>
>
> I am attempting to understand the diffie hellman key exchange.
>(attempting implies lack of experience with crypto)
>So we have a=3^p mod m . P should be a LARGE RANDOM Sophie Germain prime say
>1024bits . My question is this. In software can I hardcode the 3 and the
>m ? m being a random 448bit number ? By having 3 set in stone, and m set
>in stone, have I reduced the security ? I say m to be 448bits because the
>resulting key will be used in blowfish which maxes out at 448bits.
>Therefore, anyone else using the same program would only need (a) as my
>public key, since 3 and m would be hardcoded in their copy of the software
>as well. Is this ok ?
>
I would tend to make all the parameters large. Also there is no
need to limit m to 448 bits. You make it any size you want and
just use a function to get the 448 bits from the larger number.
This is what I think is done currently in PGP.
David A. Scott
------------------------------
From: "Simon Hunt" <[EMAIL PROTECTED]>
Subject: Re: Support for 1536 bit RSA keys?
Date: Fri, 30 Mar 2001 16:12:44 +0100
Sorry Tom, I agree with Sam - if you look at NT/2000 there is a task "System
Idle Process" - it's called that because when a PC is not doing anything
productive, the internationally recognised term is it's "Idling" - hence
Idle Time. You don't stop the clock cycles on a PC when it's not being used,
it still runs at the same rate internally so there has to be something to
chew up all those extra cycles - the Idle task.
I think the original quote was completely technically correct- you don't
know what the average utilization of all the distributed computers was - it
could have been a load of corporate mainframes with only 0.001 idle process
time - you are making an opinion based on your (under utilized) pc. Mine for
instance runs at 99% all the time due to the processes I run....
give in on this one - the world is not with you :-)
"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:a61x6.164126$[EMAIL PROTECTED]...
>
> "Sam Simpson" <[EMAIL PROTECTED]> wrote in message
> news:VA0x6.3006$[EMAIL PROTECTED]...
> > Tom St Denis <[EMAIL PROTECTED]> wrote in message
> > news:3s0x6.164060$[EMAIL PROTECTED]...
> > >
> > > "Sam Simpson" <[EMAIL PROTECTED]> wrote in message
> > > news:nk0x6.2980$[EMAIL PROTECTED]...
> > > >
> > > > Tom St Denis <[EMAIL PROTECTED]> wrote in message
> > > > news:yg0x6.164037$[EMAIL PROTECTED]...
> > > > >
> > > > > "Sam Simpson" <[EMAIL PROTECTED]> wrote in message
> > > > > news:650x6.2958$[EMAIL PROTECTED]...
> > > > > > > > This is very misleading. My computer idles about 80% of the day, but any
> > > > > > > > idle task gets 100% of a 1.2ghz computer. So saying "it was done in idle
> > > > > > > > time" is misleading since most of the time the task gets the entire
> > > > > > > > processor...
> > > > > > >
> > > > > > > That's exactly the same as I said above: It's using your IDLE time.
> > > > > >
> > > > > > That's like saying "amazingly he travelled the distance and kept the car in
> > > > > > 1st gear" when 1st gear can reach 200mph....
> > > > >
> > > > > So what? The statement is factually correct....I don't understand what your
> > > > > argument is.
> > > >
> > > > My problem is that it's misleading.
> > >
> > > ok, I think this is where we disagree.
> > >
> > > > The task didn't work using a fraction
> > > > of the cpu time.
> > >
> > > I assure you that it did. (My background is in computer science, crypto is
> > > a hobby...)
> > >
> > > > It used pretty much all of it!
> > >
> > > The fraction 99/100 is still a fraction.
> > >
> > > > Saying "factoring done in
> > > > idle time" means "factoring done using a fraction of my cpu time" to me...
> > > > what does it mean to you?
> > >
> > > The original quote: "It is of interest to note that Rivest predicted that a
> > > 129-bit factorization would take 40-quadrillion years whereas in reality it
> > > took just 8 months
> > > using idle cycles on computers around the globe ."
> > >
> > > It means that, when the CPU's weren't engaged in 'proper work' (e.g. word
> > > processing, web serving, sending faxes, whatever), it is used to run a
> > > process that works on the factoring problem.
>
> You're still missing the point. Saying "idle time" makes it seem like it
> wasn't a lot. Like if I say wanna help me in your "spare time" at work you
> will say "nope too busy". Similar line of thinking. Idle time on 500+mhz
> machines is actually quite a bit.
>
> They really should have said "factoring done on machines using a significant
> portion of their cpu time". It's generally more accurate and less
> misleading.
>
> Tom
>
>
------------------------------
From: "Simon Hunt" <[EMAIL PROTECTED]>
Subject: Re: Support for 1536 bit RSA keys?
Date: Fri, 30 Mar 2001 16:15:52 +0100
One point nobody has made is that if (somehow) a way of breaking a 1024 bit
key is discovered, then because of the supposed mathematical impossibility
of the task they will have probably discovered a way of breaking ANY RSA
key, no matter its size.
as an example, a quantum computer takes the same amount of time (no time at
all!) to break a 64bit RSA key, as a 64 quadrillion bit RSA key...
think about that!
Simon.
"Sam Simpson" <[EMAIL PROTECTED]> wrote in message
news:ds%w6.2900$[EMAIL PROTECTED]...
> Why not? If you can stomach the speed issues (e.g. key is a key signing CA
> key used v. occasionally) and you can gather the entropy to produce such a
> large key...
>
> I'm sure people said the same kind of thing about 1500-bit keys when 512 was
> the de facto standard..........
>
> --
> Regards,
>
> Sam
> http://www.scramdisk.clara.net/
>
> Tom St Denis <[EMAIL PROTECTED]> wrote in message
> news:Hl%w6.163951$[EMAIL PROTECTED]...
> >
> > "Sam Simpson" <[EMAIL PROTECTED]> wrote in message
> > news:J0%w6.2868$[EMAIL PROTECTED]...
> > > Tom St Denis <[EMAIL PROTECTED]> wrote in message
> > > news:lA_w6.163933$[EMAIL PROTECTED]...
> > > >
> > > > <[EMAIL PROTECTED]> wrote in message
> > > > news:Ne_w6.1530$[EMAIL PROTECTED]...
> > > > > Thanks for reading this.
> > > > >
> > > > > I am trying to assess cryptographic toolkit, certificate generation software,
> > > > > certificate validation software vendor support for 1536-bit RSA keys.
> > > > >
> > > > > I expect good support for 1024-bit and 2048-bit keys as they are "standard" key
> > > > > lengths. Should I expect such good support for 1536-bit keys?
> > > >
> > > > This is because you're a nutcase. Factoring is a hard job. "2048-bit keys"
> > > > are not standard ... they are for paranoids.
> > >
> > > "If 512-bit keys are insecure today, they were just as insecure last month.
> > > Anyone implementing RSA should have moved to 1028-bit keys years ago, and
> > > should be thinking about 2048-bit keys today. It's tiring when people don't
> > > listen to cryptographers when they say that something is insecure, waiting
> > > instead for someone to actually demonstrate the insecurity.".
> >
> > So let's use 10kbit rsa keys?
> >
> > Tom
> >
> >
>
>
------------------------------
From: "Simon Hunt" <[EMAIL PROTECTED]>
Subject: Re: Support for 1536 bit RSA keys?
Date: Fri, 30 Mar 2001 16:18:43 +0100
don't be an arse yourself, how about you give Sam $100, and if he hasn't
factored it in 5 years he gives you the money back?
Simon.
"Tom St Denis" <[EMAIL PROTECTED]> wrote in message
news:hb1x6.164137$[EMAIL PROTECTED]...
>
> "SCOTT19U.ZIP_GUY" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > [EMAIL PROTECTED] (Sam Simpson) wrote in
> > <9D0x6.3011$[EMAIL PROTECTED]>:
> >
> > >Tom St Denis <[EMAIL PROTECTED]> wrote in message
> > >news:tu0x6.164064$[EMAIL PROTECTED]...
> > >
> > ><SNIP>
> > >
> > >> If we can't factor 768-bit keys are 2048-bit ones better?
> > >
> > >To quote Schneier again: "If 512-bit keys are insecure today, they were
> > >just as insecure last month. Anyone implementing RSA should have moved
> > >to 1028-bit keys years ago, and should be thinking about 2048-bit keys
> > >today. It's tiring when people don't listen to cryptographers when they
> > >say that something is insecure, waiting instead for someone to actually
> > >demonstrate the insecurity."
> > >
> > >Or, to paraphrase: Tom *listen* to cryptographers.
> > >
> > >
> > >--
> > >Regards,
> > >
> > >Sam
> > >http://www.scramdisk.clara.net/
> > >
> >
> > I think one problem with TOM is he read a few years ago that
> > PGP was safe till the sun burned out with a certain size key.
> > Once he gets it locked into his mind, it is very hard to get him
> > to understand that factoring gets better every day. Or maybe
> > he is still pissed twofish did not win AES since he thinks it's
> > better. He did listen to noted cryptographers a few years ago
> > and took it as truth. He just can't get it through his head they
> > are human and make big mistakes as does everyone else. He
> > should learn to accept that even bigger keys will be needed in a
> > few years.
>
> The last big breakthrough in factoring was what 15 years ago? (NFS). Whoopy.
> A lot of advances in factoring are due to technological harnessing not actual
> algorithmic improvements (there have been some but not significantly afaik).
>
> Ok smart arse try to factor this
>
> N =
> 8839143726083845882125258976826768843086739488346772188855474234625194373213
> 0105906947037364319682243662953343134511945326982617559556366461785240346
> 27609
>
> If you can factor this 512-bit number within 5 years I will give you 100$.
> If you cannot I will assume you don't know what you are talking about.
>
> Tom
>
>
------------------------------
From: Erwann ABALEA <[EMAIL PROTECTED]>
Subject: Re: Support for 1536 bit RSA keys?
Date: Fri, 30 Mar 2001 16:32:54 +0200
On Fri, 30 Mar 2001, Tom St Denis wrote:
>
> "Sam Simpson" <[EMAIL PROTECTED]> wrote in message
> news:9D0x6.3011$[EMAIL PROTECTED]...
> > Tom St Denis <[EMAIL PROTECTED]> wrote in message
> > news:tu0x6.164064$[EMAIL PROTECTED]...
> >
> > <SNIP>
> >
> > > If we can't factor 768-bit keys are 2048-bit ones better?
> >
> > To quote Schneier again: "If 512-bit keys are insecure today, they were just
> > as insecure last month. Anyone implementing RSA should have moved to
> > 1028-bit keys years ago, and should be thinking about 2048-bit keys today.
> > It's tiring when people don't listen to cryptographers when they say that
> > something is insecure, waiting instead for someone to actually demonstrate
> > the insecurity."
> >
> > Or, to paraphrase: Tom *listen* to cryptographers.
>
> This line of thinking is inherently flawed. 1024 bit keys will be insecure
> 10 years from now (just assume) so that means they are insecure now?
If these keys are used in some precise environments, then yes, these keys
are insecure now.
If what you want to protect *now* should have its value protected for
several years, then this means that the protection you choose *now* should
still be valid in several years from now.
If what you want to protect now is public and widely deployed, then you
can't count on 'reprotecting' your data in a few years with bigger keys,
for example to pseudo-enhance the protection level of your information.
Since the choices that you make now have a real impact on what the
situation will be in several years, then the answer to your question is
definitely yes.
There are some domains where you really have to make choices that should
still be valid for the next 20 years or so... For example timestamping. In
France, artistic work is protected for 70 years after the death of the
creator... That's a long delay...
--
Erwann ABALEA
[EMAIL PROTECTED]
- RSA PGP Key ID: 0x2D0EABD5 -
------------------------------
From: [EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
Subject: Re: Support for 1536 bit RSA keys?
Date: 30 Mar 2001 15:18:26 GMT
[EMAIL PROTECTED] (Tom St Denis) wrote in
<hb1x6.164137$[EMAIL PROTECTED]>:
>
>Ok smart arse try to factor this
>
>N =
>8839143726083845882125258976826768843086739488346772188855474234625194373213
>0105906947037364319682243662953343134511945326982617559556366461785240346
>27609
>
>If you can factor this 512-bit number within 5 years I will give you
>100$. If you cannot I will assume you don't know what you are talking
>about.
>
I have been confronted by assholes at work that made fast and loose
statements about paying 100 bucks. Twice I did what they said. They
didn't pay up. If someone comes up with a slick way of factoring
and I use it you would say unfair. In short I know your offer is a lie.
David A. Scott
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to sci.crypt.
End of Cryptography-Digest Digest
******************************