disturbing. We have processors bugged during delivery intercepts, at
least one facility here in the US (if we don't count Google) with enough
computing power and resources to pull off decrypting SHA512 without
breaking a sweat, etc. etc.
No, we don't.
At present, the best way to attack SHA512 is to do a birthday attack
of complexity roughly 2**256. There are a lot of laws of physics that
compellingly argue that doing a computation of that complexity would
require more energy than the Sun will put out over its entire lifetime.
You may want to consider having a little more skepticism in your
sources. At least on this particular count, your source is one
hundred percent wrong.
to the task of protecting activists. If the NSA can break 1024 bit
encryption, they have almost certainly already hacked SHA512.
Breaking RSA-1024 is considered equivalent to an attack of complexity
2**80. That's *a lot*. A few years ago a group of enthusiasts used a
large distributed network and over a year of processing time to mount
an attack of complexity 2**64. 2**80 is a factor of 64,000 times
harder. No one knows whether RSA-1024 has been broken: all that we
know is it's time is limited, and if it hasn't yet been broken it's a
question of when and not if.
But SHA512, even for a pure birthday collision (which is pretty much
useless in terms of how OpenPGP gets used), is at best a 2**256
attack. That's a factor of 2**176 harder. In plain English, that's a
factor of
100,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000
harder. That's a *lot*.
_______________________________________________
enigmail-users mailing list
[email protected]
To unsubscribe or make changes to your subscription click here:
https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
