I was thinking about this statement...
I'd bet money the NSA has been able to crack RSA since 1996.
-- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law"
By this I assume you don't mean through buffer overflows or exploiting obscure bits of cluelessness. You mean "brute force", but (obviously) through the use of algorithms we Spy-ees aren't aware of. I'd say that's absurd paranoid thinking, but on the other hand... 1. There's been no 'proof' per se about the intractability of factoring, correct? 2. Seems like the Feds veryu suddenly gave up fighting encryption a few years ago. I assumed this was because of the rapid rise of electronic transactions and communications, but maybe... 3. We never discover anything that makes us realize that the factoring problem is a lot HARDER than we realized....every few years there's a small inroad made here for this kind of prime factor, another discovery there and so on that renders RSA fairly trivial for certain categories of primes. Given several footbalfields' worth of well-payed encryption talent working for several decades, seems to me they could certainly at least be ahead of the civilian world in this area (silicon chip fabrication is another issue entirely, however). Is this correct? If the statement is true (ie, 'NSA has been able to crack RSA...'), it's not necessarily the end of the world. I'd bet that it's still potentially VERY expensive on average, though the scary thing is that some messages might fall apart easily. In fact...a search for a subtle and inexplicable steering of the prime space used by some implementations would be telling. Am I talking out my ass here? Another interesting thing is that it almost doesn't matter. Buffer overflows and other indirect attack are such that one should consider a lone encrypted message sitting out there like a sitting duck painted bright red. Better still to paint that duck white and stick him in a bigass flock. In other words, it might make sense at this point to regard RSA as crackable and then rethink how to hide the significance of encryption itself... -TD