[1275] in bugtraq
Re: Non-PK encryption not vulnerable via low key length?!
daemon@ATHENA.MIT.EDU (Software Test Account)
Thu Mar 16 15:11:28 1995
Date: Thu, 16 Mar 1995 12:00:42 -0600 (CST)
From: Software Test Account <softtest@wu1.wl.aecl.ca>
In-Reply-To: <Pine.3.89.9503152201.A12334-0100000@vela.acs.oakland.edu>
To: "Mark G. Scheuern" <mgscheue@oakland.edu>
Cc: Jonathan Cooper <entropy@IntNet.net>,
Vishy Gopalakrishnan <vishy@sph.umich.edu>, bugtraq@fc.net
On Wed, 15 Mar 1995, Mark G. Scheuern wrote:
> On Wed, 15 Mar 1995, Jonathan Cooper wrote:
>
> > Date: Wed, 15 Mar 1995 20:35:44 -0500 (EST)
> > From: Jonathan Cooper <entropy@IntNet.net>
> > To: Vishy Gopalakrishnan <vishy@sph.umich.edu>
> > Cc: bugtraq@fc.net
> > Subject: Non-PK encryption not vulnerable via low key length?!
> > You are wrong.
> >
> > If the key is only 128-bit, that's a much smaller keyspace to
> > brute-force attack than a 1024-bit key.
> >
> > (do the math)
> >
> > -jon
>
> Okay, let's see. 2^128 = 3.4e38. Suppose you can somehow try one
> billion keys per second. Then it will take you 3.4e29 seconds or
> about 1e22 years to try every possible key. A shorter length of
> time than it would take with a 1024 bit key, but I don't think I'd
> lose much sleep over it.
>
> Mark
>
There must be ways of forcing convergence. Brute force is tacky.
Erik
____ _____ _______ __ Erik Lindquist
/ _ | / ___/ / _____/ / / Systems Administrator
/ /_| | / /__ / / / / AECL Whiteshell Laboratories
/ __ | / ___/ / / / / VOICE: (204) 753-2311x3145
/ / | | / /____ / /_____ / /_____ FAX: (204) 753-2455
/_/ |_| /______/ /_______/ /________/ E-mail: lindquie@wu1.wl.aecl.ca
