Sam Heywood wrote:
>If no one knows of a web site that explains how this system works,
>is there some one out there who can explain in a nutshell how this
>system is supposed to work?
Ok, I don't actually know how these "secure sites" work, but I can perhaps
add a little knowledge anyway.
IIRC the system used is RSA (Rivest, Shamir and Adleman). This system works
like this:
(looking in book...)
1. Choose two large primes, p and q, (typically larger than 10^100)
2. Compute n = p * q and z = (p - 1) * (q - 1)
3. Choose a number relatviely prime to z and call it d
4. Find e such that e * d = 1 mod z
(...all done)
With these computed the encryption starts. Next the text we want to encode
is split into diffrent blocks, these are all less or equal to n and named P.
To encrypt the message the computer does C = P^e mod n and decrypting is: P
= C^d mod n
The code to read this decrypted message is then (e, n) while we used (d, n)
to create it.
So the server will know that it was you that ordered a message to be sent,
since only you can make them. This message could of course be taken by
anyone listening, but it would be the same as the earlier one and I think
there are timestamps on them).
Of course if someone uses a key generator and your number got up then
you're in a little bad luck. (But this is not actually your problem, but
between the company and your bank).
And since the prime numbers are so high this makes it very hard to actually
break them.
If we increase the min prime number it gets even harder - and more prime
numbers are found than new computer power is made. Of course this can be a
problem if enough computers are used (as was exemplified with that if every
Chinese had a small computer and they all worked to break the DES code it
would take less than a minute) and if a very good program is made - and now
we aren't refering to coding in ASM vs Visual Basic but what the code does
- it might very well be possible.
AFAIK PGP works in the same way. (But with larger keys which makes it even
more safe).
The RSA keys are longer inside the US (and as an effect the GSMs encryption
is stronger in Europe) so they are more or less easy to break depending on
were you live. (Or actually on what browser you're using).
IIRC I "illegaly" downloaded the US version of Netscape 3.04G ;)
//Bernie
http://hem1.passagen.se/bernie/index.htm DOS programs, Star Wars ...
To unsubscribe from SURVPC send a message to [EMAIL PROTECTED] with
unsubscribe SURVPC in the body of the message.
Also, trim this footer from any quoted replies.
