At 01:50 PM 6/4/96 -0500, Declan wrote:
For example, someone sent me this explanation: "The 1024 bit key is likely an RSA key, and is not comperable to a 40 bit symetric key. From memory, 1024 bit RSA is about as hard to crack as 90 bit symetric." Is this a reasonable comparison?
It's probably close enough for anti-government work; the relative strength depends a lot on whether you're using general-purpose computers or custom crackerboxes, and on the state of the art in factoring technologies. I'd be tempted to be verbose and say that public-key systems like RSA use prime numbers for keys, so they need to be a lot longer than secret-key algorithms like DES or RC4 which can use any number as a key but need to keep it secret. You can double the cracking effort by adding one bit to a secret key or about 10 to a public key. 500-bit public keys and 56-bit secret keys are about the limit of cracking technology for organizations with a couple of million dollars spare for supercomputers, which is your desktop in 5-10 years. The NSA's Clipper Chip used 80-bit keys, which is about 20 years' protection against people who can't use the built-in wiretap or bribe a cop to get a warrant. One problem with these secret hardware designs is that you usually can't tell if there's a back-door unless they tell you - or goof up like they did with the Clipper's short checksum. # Thanks; Bill # Bill Stewart +1-415-442-2215 stewarts@ix.netcom.com # http://www.idiom.com/~wcs # Dispel Authority!