Robert J. Hansen wrote: > afreewoman wrote: > >> to the task of protecting activists. If the NSA can break 1024 bit >> encryption, they have almost certainly already hacked SHA512. > > Breaking RSA-1024 is considered equivalent to an attack of complexity > 2**80. That's *a lot*. A few years ago a group of enthusiasts used a > large distributed network and over a year of processing time to mount > an attack of complexity 2**64. 2**80 is a factor of 64,000 times > harder. No one knows whether RSA-1024 has been broken: all that we > know is it's time is limited, and if it hasn't yet been broken it's a > question of when and not if.
The enthusiast project Rob mentions is distributed.net. The 64-bit challenge
took over four years. From their web page:
> Project RC5
>
> The "Bovine" RC5 effort was formed to take the responsibilities of
coordinating and maintaining the RC5 servers that are needed to distribute key
blocks to work on to all of the participating client programs. We depend
heavily (entirely) on the participation of people like yourself, as we intend
to solve this project via the use of brute force, trying every possible key
there is.
>
> We know this method works! On 19 October 1997 at 1325 UTC, we found the
correct solution for the RSA Labs 56-bit secret-key challenge (RC5-32/12/7).
The key was 0x532B744CC20999, and it took us 250 days to locate.
>
> Then, on 14 July 2002 at 0150 UTC we found the winning key for the RSA
> Labs 64-bit secret-key challenge (RC5-32/12/8). That key was
> 0x63DE7DC154F4D039 and
took us 1,757 days to locate. As of 03 December 2002, we're now working on the
72-bit RSA Labs secret-key challenge (RC5-32/12/9) [0]
RC5-56: 250 days
RC5-64: 1757 days
RC5-72: 4208 days in process, 3.227% of keyspace tested at an overall rate
of 419,091,414,000 Keys/sec. (...we'll hit 100% in 107,559 days
at yesterday's rate.)[1]
107,559 days for 100% of the 72-bit keyspace. Given 50% as a best-guess
estimation for a brute-force attack, your're looking at 147+ YEARS at the
current rate to solve a single 72-bit key.
From the OP:
>> My question for you is: Why would you want to add encryption that is
>> "good enough" to a product that already contains this ability? Why would
>> you NOT want to include the strongest, most secure encryption possible
>> by default?
Take a look at the math, after dialing back the out-of-control paranoia.
Brute-forcing "good enough" is still science fiction usually requiring
ignoring the Second Law of Thermodynamics.
Strongest encryption does not necessarily equate to most secure. Security is a
chain, a process. Encryption is only one link of that chain and nearly all
experts will tell you, no one attacks the encryption, there are much easier
links to attack and break.
-J
[0] http://www.distributed.net/RC5
[1] http://stats.distributed.net/projects.php?project_id=8
--
John P. Clizbe Inet: John (a) Gingerbear DAWT net
SKS/Enigmail/PGP-EKP or: John ( @ ) Enigmail DAWT net
FSF Assoc #995 / FSFE Fellow #1797 hkp://keyserver.gingerbear.net or
mailto:[email protected]?subject=HELP
Q:"Just how do the residents of Haiku, Hawai'i hold conversations?"
A:"An odd melody / island voices on the winds / surplus of vowels"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
