Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Crypto and Primes
From: "Daniel Sichel" <daniels () Ponderosatel com>
Date: Fri, 22 Oct 2004 14:31:28 -0700

And if the problem of factoring large numbers into primes was indeed
solved (this is probably what you meant), I think you'd very quickly
see a complete replacement of crypto systems in use today by the
governments with such security services.

Depending on how rigourous you are being, the large in large numbers is
a relative term. I know from talking to someone who has worked in for
real government crypto that there is enough storage space to create a
lookup db of a good chunk (if not all) of the PGP crypto keys in use for
common key sizes (512 and 1024). I doubt SSL is less vulnerable. I guess
there's force, brute force, and brute force with taxpayer dollars. 

Also with cheapo Linux clusters I would think a determined hackmeister
could do a crack on large prime based crypto, whether that would be
computationally feasible in a relevant time frame, I don't know. I do
know my gut  tells me SSL is cryptographically weak and I refuse to use
it in place of IPSEC. 

Dan Sichel

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]