--- Dustin Puryear <[EMAIL PROTECTED]> wrote: > At 04:53 PM 6/19/2002 -0500, you wrote: > > > At 02:09 PM 6/18/2002 -0500, you wrote: > > > >Just offhand I'd say that didn't sound too bad > ... if the > > > security is to > > > >be any good it *ought* to require a bit of cpu > time. > > > Basically it's a > > > > > > Why do you think that? > > > > > > Regards, Dustin > > > >Just a gut feeling Dustin, if it's very easy (i.e. > quick) to encrypt > >then it will probably be relativly easy to decrypt > by a brute force > >attack. > > I disagree, and here is why. Most encryption > algorithms are based on a > function, or set of functions, where it is easy to > determine b given: > > f(z) = b > > However, the idea is that it should be extremely > difficult to determine z > given b. > > I'm not saying that some encryption algorithms don't > have a relatively high > computational requirement for computing b, but there > is no reason why that > would be necessary or, more to the point, desirable. > > A good example of this type of function, and > something heavily used in > cryptography, is the use of the product of primes. > One of the fundamental > laws of mathematics (anyone remember which one? I > know it has "Fundamental" > in it somewhere) is that all whole numbers are the > product of a unique set > of primes. The trick is that even though everyone > knows a really large > whole number is the product of primes, it is > computationally expensive to > determine those prime numbers for numbers larger > than some currently > defined limit. Basically, it boils down to this. > > It takes me half a second to perform the following > multiplication: > > 3 x 3 x 11 = 99 > > But it takes me two or three seconds to figure out > that the component > primes of 99 are 3, 3, and 11. The difference > between the computational > time required to compute the product of primes and > the time required to > determine the component primes of a number diverges > rather quickly. (Quick, > what are the component primes of 1,034,325?) So.. I > guess that's my point. > One computation is *relatively* easy, while the > other is just plain hard.
Wait a sec. You are basing your observation on the time it takes _your_ brain to factor component primes? :) I know, I know, this was merely an anology. But I don't follow your argument. First, you say that there is no _necessary_ reason that encryption/decryption should require lots of CPU overhead. Then you give an example where computing the prime factors of a small number takes less computing power than a large number. Doesn't that example give more weight to Edward's assumption that better encryption needs more CPU power? Let me make sure I understand what you are saying, when you say: f(z) = b I assume b is the message that is secret, and z is the private encryption key, and f(z) is a PKI kinda encryption algorithm. Is this true? Please make your argument very plain, for I am quite dense. John Hebert __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com
