lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: hades at psilanthropy.org (Anders Langworthy)
Subject: Time Expiry Alogorithm??

Pavel Kankovsky wrote:

> If a certain deterministic computation (e.g. decryption) can be made in
> time T, then it can be made in any time T' > T. 

This is true for breaking a cipher by brute force, but it doesn't 
account for (stop looking at me) somehow incorporating a timestamp into 
the encryption scheme to prevent 'legit' decryption after a certain time.

Note that what Gautam wants, namely a time-expiring cipher, cannot exist 
without some third party to provide validation and a timebase.  This is 
what Kerberos does.  Otherwise I can just set the clock back on my 
system and decrypt your damn message anyway.

> On the other hand, the power of hardware as well as the knowledge of
> cryptanalysis oincreases as the time passes, ergo any cipher is going to
> expire...in the sense someone will become able to break it and recover 
> the plaintext without the (a priori) knowledge of the encryption key.

I'm going to disagree as politely as possible.  As an example, using RSA 
with 1024 bit keys allows for around 10^150 possible primes.  Compare 
this to the 10^70 some atoms in the known universe to see how 
disgustingly big that number is.  Cracking this encryption scheme by 
searching the keyspace is laughable.  Increase the keysize even a little 
bit from that and there are arguments that the universe doesn't even 
hold enough *energy* to allow for searching that kind of keyspace.

Now the other possibility: That somebody discovers a better way to 
factor primes (please don tinfoil hats before replying to tell me that 
the NSA has already done this, in Area 51, with help from Elvis). 
Mathematically, this is a very remote possibility, as factoring primes 
is probably an NP problem, and P is probably not NP.  Neither of these 
has been proven, however.

Even allowing for the miniscule possibility that there is a shortcut to 
factoring primes, that doesn't necessarily mean that factoring huge 
primes will be an easy task.  Using larger keys will still provide a 
measure of security.

//Anders

The classic crypto primer:
http://www.cyphernet.org/cyphernomicon/chapter2/2.5.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ