Brute Force and Smart Force
I think it's worth pointing out that instead of taking (arguably) $10,000 worth of computer time to brute force SSL, Goldberg-Wagner's attack exploits a weakness in the system to spend maybe a few dollars to crack it. Clever attacks on cryptosystems like this are the bread and butter of 'practical' cryptanalysis. It might take until slightly after the heat death of the universe to break IDEA or your 2048 bit RSA key, but there exist other attacks, and they are the ones which will be exploited.

(Also, as Robert Morris pointed out, never underestimate the time, money or effort your opponent will put into cryptanalysis. Cypherpunks, collectively, have put a great deal of time, effort, and CPU into proving SSL bogus, and I don't think anyone here made any money doing it.)

Perhaps we should refocus our efforts on attacking PGP, to see if there are holes there? (I'm not suggesting there are, but it would be nice to see some code written to extend Crack to phrases, do some more code review, etc.)

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume
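The distinction drawn above between brute force and "smart force", together with the suggestion to extend Crack to passphrases, as an added example that is not part of the original post and is not code from Netscape, PGP or Crack. Everything here is a constructed assumption for illustration: the key derivation (MD5 of whatever material the program feeds in), the weak seeding (a second-resolution timestamp plus a small process id), the search windows and the word list. It does not reproduce the actual Netscape weakness; it shows why a 128-bit key buys nothing when the seed behind it comes from a small space, and what a phrase-oriented Crack would enumerate.

```python
import hashlib
import itertools
from typing import Iterable, Iterator, Optional, Tuple

# Toy key derivation, constructed for this example (not Netscape's or PGP's code):
# the 128-bit key is simply the MD5 digest of the material the program feeds in.
def derive_key(material: bytes) -> bytes:
    return hashlib.md5(material).digest()

def brute_force_seconds(key_bits: int, keys_per_second: float) -> float:
    """Expected wall-clock time for exhaustive search: half the keyspace on average."""
    return (2 ** (key_bits - 1)) / keys_per_second

# --- "Smart force": attack the seed, not the key -------------------------------
# Assumed weakness (constructed): the only entropy behind the session key is a
# second-resolution timestamp and a small process id, so the seed space is tiny
# even though the key itself is 128 bits long.
def weak_seed_material(timestamp: int, pid: int) -> bytes:
    return b"%d:%d" % (timestamp, pid)

def seed_space_size(window_seconds: int, max_pid: int) -> int:
    """How many candidate seeds the attacker has to try, versus 2**128 keys."""
    return window_seconds * max_pid

def smart_force(target_key: bytes, t_start: int, window_seconds: int,
                max_pid: int) -> Optional[Tuple[int, int]]:
    """Enumerate every (timestamp, pid) the attacker considers plausible,
    re-derive the key and return the seed that reproduces target_key."""
    for ts in range(t_start, t_start + window_seconds):
        for pid in range(1, max_pid + 1):
            if derive_key(weak_seed_material(ts, pid)) == target_key:
                return ts, pid
    return None

# --- Crack extended to phrases ---------------------------------------------------
WORDLIST = ["correct", "horse", "battery", "staple", "secret", "cypher"]  # constructed

def mangle(word: str) -> Iterator[str]:
    """A few Crack-style mangling rules applied to a single dictionary word."""
    yield word
    yield word.capitalize()
    yield word + "1"

def phrase_candidates(words: Iterable[str], max_words: int) -> Iterator[str]:
    """Space-separated phrases of 1..max_words dictionary words, each word mangled."""
    words = list(words)
    for n in range(1, max_words + 1):
        for combo in itertools.product(words, repeat=n):
            for variant in itertools.product(*(list(mangle(w)) for w in combo)):
                yield " ".join(variant)

def crack_passphrase(target_key: bytes, words: Iterable[str],
                     max_words: int) -> Optional[str]:
    """Dictionary attack on a key derived directly from a passphrase."""
    for phrase in phrase_candidates(words, max_words):
        if derive_key(phrase.encode()) == target_key:
            return phrase
    return None

if __name__ == "__main__":
    rate = 1e9  # assumed trial keys per second
    years = brute_force_seconds(128, rate) / (3600 * 24 * 365)
    print(f"brute force, 128-bit key at {rate:.0e}/s: ~{years:.2e} years")
    print(f"smart force, seed space: {seed_space_size(600, 1000)} candidates")
    # A key generated by the weak seeding at a constructed timestamp and pid.
    victim = derive_key(weak_seed_material(800000123, 457))
    print("recovered seed:", smart_force(victim, 800000000, 600, 1000))
    # A key derived straight from a passphrase built from dictionary words.
    secret = derive_key(b"Horse battery1 staple")
    print("recovered passphrase:", crack_passphrase(secret, WORDLIST, 3))
```

The seed search tries at most 600,000 candidates, each one MD5 call, which is the "few dollars" side of the comparison; the key length never enters into it. The phrase generator is the part Crack lacks: it composes multi-word candidates and applies the mangling rules per word, so the candidate count grows as (words x rules)^n and a short phrase of common words falls within reach.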
Adam Shostack writes:
Perhaps we should refocus our efforts on attacking PGP, to see if there are holes there? (I'm not suggesting there are, but it would be nice to see some code written to extend Crack to phrases, do some more code review, etc.)
Probably a worthwhile enterprise. Unfortunately, Netscape and the like are low hanging fruit -- it's much simpler to find holes in things, er, of that, er, ah, quality -- and one probably rightfully gets more press for breaking them.

Perry
| Adam Shostack writes:
| > Perhaps we should refocus our efforts on attacking PGP, to see
| > if there are holes there? (I'm not suggesting there are, but it
| > would be nice to see some code written to extend Crack to phrases,
| > do some more code review, etc.)
|
| Probably a worthwhile enterprise. Unfortunately, Netscape and the like
| are low hanging fruit -- it's much simpler to find holes in things, er,
| of that, er, ah, quality -- and one probably rightfully gets more
| press for breaking them.

What I don't understand is why law enforcement is so concerned about bruting things. It is probably quite easy to tap the keyboard, smart force, exchange the binary with the real thing etc. for them? (Unless they want to read it all from a nice tipped-back armchair in a certain location? :-))

What I'm saying is that this kind of attack should work quite easily in the one-by-one cases, but not on a large scale, malicious data, trojan horses, outright bugging. So why all this Clipper (son-of-X) fuss? Ok, not for all data, especially not for the "untouched, rarely used" ones. But is this any different from hiding your diary in a very safe place anyway?

/Christian
participants (3)
- Adam Shostack
- Christian Wettergren
- Perry E. Metzger