Hello. I am still interested in the concept of using 576-bit keys, composed of 9 parts of 64-bit keys, and applied and mixed by SHA-256 or SHA-3.
Comments?

Message: 1
Date: Sun, 04 Nov 2012 15:03:56 +1300
From: Peter Gutmann <[email protected]>
To: [email protected], [email protected]
Subject: Re: [cryptography] Why using asymmetric crypto like symmetric crypto isn't secure
Message-ID: <[email protected]>

Jon Callas <[email protected]> writes:

>Which immediately prompts the question of "what if it's long or secret?" [1]
>This attack doesn't work on that.

The "asymmetric-as-symmetric" was proposed about a decade ago as a means of protecting against new factorisation attacks, and was deployed as a commercial product. I don't recall them keeping the exponent secret because there wasn't any need to... until now that is. So I think Taral's comment about not using crypto in novel ways is quite apropos here, the asymm-as-sym concept only protected you against the emergence of novel factorisation attacks (or the use of standard factorisation attacks on too-short keys) as long as no-one bothered trying to attack the public-key-hiding itself.

>If you believe that the only attack against RSA is factoring the modulus,
>then you can be seduced into thinking that hiding the modulus makes the
>attacker's job harder.

Yup, and that was the flaw in the reasoning behind the keep-the-public-key-secret system. So this is a nice textbook illustration of why not to use crypto in novel ways based purely on intuition.

Peter.

[1] Not my footnote.

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
