On Sun, Sep 8, 2013 at 12:19 PM, Faré <[email protected]> wrote: > On Sun, Sep 8, 2013 at 9:42 AM, Phillip Hallam-Baker <[email protected]> > wrote: > > Two caveats on the commentary about a symmetric key algorithm with a > > trapdoor being a public key algorithm. > > > > 1) The trapdoor need not be a good public key algorithm, it can be > flawed in > > ways that would make it unsuited for use as a public key algorithm. For > > instance being able to compute the private key from the public or deduce > the > > private key from multiple messages. > > > Then it's not a symmetric key algorithm with a trapdoor, it's just a > broken algorithm.
But the compromise may only be visible if you have access to some cryptographic technique which we don't currently have. The point I am making is that a backdoor in a symmetric function need not be a secure public key system, it could be a breakable one. And that is a much wider class of function than public key cryptosystems. There are many approaches that were tried before RSA and ECC were settled on. > > 2) The trapdoor need not be a perfect decrypt. A trapdoor that reduced > the > > search space for brute force search from 128 bits to 64 or only worked on > > some messages would be enough leverage for intercept purposes but make it > > useless as a public key system. > > > I suppose the idea is that by using the same trapdoor algorithm or > algorithm family > and doubling the key size (e.g. 3DES style), you get a 256-bit > symmetric key system > that can be broken in 2^128 attempts by someone with the system's private > key > but 2^256 by someone without. If in your message you then communicate 128 > bits > of information about your symmetric key, the guy with the private key > can easily crack your symmetric key, whereas others just can't. > Therefore that's a great public key cryptography system. > 2^128 is still beyond the reach of brute force. 2^64 and a 128 bit key which is the one we usually use on the other hand... Perhaps we should do a test, move to 256 bits on a specific date across the net and see if the power consumption rises near the NSA data centers. -- Website: http://hallambaker.com/
_______________________________________________ The cryptography mailing list [email protected] http://www.metzdowd.com/mailman/listinfo/cryptography
