Forgive my slow math mind, but I pose the following question, knowing in advance that it's a FAQ, but I can't find an answer anywhere.... Given a brute force attack on ciphertext encrypted with PGP2.2 using the 1024 bit key, how many operations are required to hit on the session key...? (The session key being used with the IDEA cipher) What about derriving the RSA key pair from the public key and message? How many operations might this require? Along these lines, what's the best guess at the highest technology level available today with regard to speed? How many operations per second might the most resourced orginization be expected to achieve? The real meat of this question boils down to: What are the capabilities currently, and what is required to brute force the various stages of PGP? Also: What does 1024 bit refer to? The IDEA session key? or the RSA key? Thanks in advance... uni
Forgive my slow math mind, but I pose the following question, knowing in advance that it's a FAQ, but I can't find an answer anywhere....
Given a brute force attack on ciphertext encrypted with PGP2.2 using the 1024 bit key, how many operations are required to hit on the session key...? (The session key being used with the IDEA cipher)
This has been recently hashed over in sci.crypt. Here are a few generalities, read the articles in sci.crypt for the real numbers. -If you did 1000 attempts to break a 1024 bit RSA key every second and started your calculations at the beginning of the universe, you would still have several trillion years to go. -If you stored every attempted key in a single atom, you would run out of atoms in the universe long before you ran out of keys. If I remeber correctly there are something like 10^152 primes possible with a 512 bit key. That is what most people refer to as a BIG number... :)
The real meat of this question boils down to: What are the capabilities currently, and what is required to brute force the various stages of PGP?
What it boils down to is that anyone who tried a brute-force attack on your RSA key is either very stupid or hopes to be very lucky. (very, very, very lucky) It would be easier for the person to track you down, put a gun to your face and force you to disclose the message. Barring any mathematical miracle with regards to factoring large numbers, RSA using large keys is safe from brute-force attack.
Also: What does 1024 bit refer to? The IDEA session key? or the RSA key?
The RSA key. It would probably be easier for someone to try to brute-force your IDEA session key than your RSA key; but this would only give them one message, while cracking a RSA key gives you all messages that have the session key wrapped with that RSA keypair. jim
Jim McCoy writes:
Given a brute force attack on ciphertext encrypted with PGP2.2 ^^^^^^^^^^^^^^^^^^^^ using the 1024 bit key, how many operations are required to hit on the session key...? -If you did 1000 attempts to break a 1024 bit RSA key every second and started your calculations at the beginning of the universe, you would still have several trillion years to go. -If you stored every attempted key in a single atom, you would run out of atoms in the universe long before you ran out of keys.
Well, of course one doesn't have to break RSA to get the _session_ key, it would be enough to break IDEA, which will automatically deliver the key to you along with the cleartext. Again of course, it's not obvious, why one might want that session key (:-).
What it boils down to is that anyone who tried a brute-force attack on your RSA key is either very stupid or hopes to be very lucky. (very, very, very lucky) .............
Sure... How about one, who simply knows how to improve brute-force key-search attack on IDEA? A possibility? (:-) Regards, Uri. ------------ <Disclaimer>
participants (3)
-
mccoy@ccwf.cc.utexas.edu -
uni@acs.bu.edu -
uri@watson.ibm.com