lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <190DFDD2F99A65469B4B15D3658C0D2BAB9FBC@ptc6.ponderosatel.com>
From: daniels at Ponderosatel.com (Daniel Sichel)
Subject: Crypto and Primes

> And if the problem of factoring large numbers into primes was indeed
>solved (this is probably what you meant), I think you'd very quickly
>see a complete replacement of crypto systems in use today by the
>governments with such security services.

Depending on how rigourous you are being, the large in large numbers is
a relative term. I know from talking to someone who has worked in for
real government crypto that there is enough storage space to create a
lookup db of a good chunk (if not all) of the PGP crypto keys in use for
common key sizes (512 and 1024). I doubt SSL is less vulnerable. I guess
there's force, brute force, and brute force with taxpayer dollars. 

Also with cheapo Linux clusters I would think a determined hackmeister
could do a crack on large prime based crypto, whether that would be
computationally feasible in a relevant time frame, I don't know. I do
know my gut  tells me SSL is cryptographically weak and I refuse to use
it in place of IPSEC. 

Dan Sichel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ