[1285] in bugtraq
Re: Non-PK encryption not vulnerable via low key length?!
daemon@ATHENA.MIT.EDU (Software Test Account)
Fri Mar 17 00:58:29 1995
Date: Thu, 16 Mar 1995 22:36:41 -0600 (CST)
From: Software Test Account <softtest@wu1.wl.aecl.ca>
In-Reply-To: <199503161456.AA18078@lupine.org>
To: "That Whispering Wolf..." <elfchief@lupine.org>
Cc: Jonathan Cooper <entropy@IntNet.net>, vishy@sph.umich.edu, bugtraq@fc.net
On Thu, 16 Mar 1995, That Whispering Wolf... wrote:
> > > Correct me if I am wrong - RC2 and RC4 are not public key cyrptosystems,
> > > and hence are not "prone" to the problems with low moduli.
> >
> > You are wrong.
> >
> > If the key is only 128-bit, that's a much smaller keyspace to
> > brute-force attack than a 1024-bit key.
> >
> > (do the math)
>
> You add a qualifier here -- "brute force attack" -- that makes your statement
> technichally correct, but misleading.
>
> You generally see keyspaces of 1024 bits (etc) in public key cryptosystems
> (RSA/PGP). You see 128-bit keysizes on traditional cryptosystems, like RC2,
> RC4, IDEA (the -real- encryption in PGP), etc.
>
> The problem here is that the best way to break a public-key cryptosystem
> is _not_ by brute force. RSA gets it's strength from the fact that it's very
> hard to factor a large number (1024 bits, for example) made up of two
> multiplied large primes, into it's individual primes. To break RSA, you
> 'simply' have to factor the key, which is orders of magnitude faster than
> a brute force attack on the system.
>
> Large key sizes are required for public-key cryptosystems, because HUGE
> advances are being made in number factoring. 1024-bit keys are still out
> of reach, but for how long?
>
> In the case of RC2 and RC4, the best (known -- Important word here) attack
> is a brute force attack on the key -- something that is, for the moment,
> prohibative. Giveen huge advances in current technology, it'd still
> take YEARS to crack -one- key.
>
RC2 and RC4 are both public key systems -- then why wouldn't factoring
the key prove equally as (greatly more) effective as with attacks on
RSA/PGP.
__pardon_my_misunderstanding__but__?
> Anyhow, bottom line is that saying "RSA with a 1024 bit key is more secure
> than RC4 with a 128 bit key" is a bit silly -- You're comparing apples to
> oranges. Nobody's going to brute-force attack RSA, since there are much better
> ways to crack the system.
>
> -WW
>
Erik
____ _____ _______ __ Erik Lindquist
/ _ | / ___/ / _____/ / / Systems Administrator
/ /_| | / /__ / / / / AECL Whiteshell Laboratories
/ __ | / ___/ / / / / VOICE: (204) 753-2311x3145
/ / | | / /____ / /_____ / /_____ FAX: (204) 753-2455
/_/ |_| /______/ /_______/ /________/ E-mail: lindquie@wu1.wl.aecl.ca
