Re: PGP5i supports RSA keys?
As PGP5i will be outside RSA's patent reach (i.e. the patent is only valid within the US) will PGP5i support RSA keys?
Yes, PGP 5.0i does support the RSALIB. Even though you can generate RSALIB based keys, why do so when there is a newer and better algorythm supplied with the 5.0? Albiet it is nice to have the support as not everyone has converted over, I still prefer the newer one. 4096 bit keys are going to be rather hard to break in this lifetime. :-) ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 05:36 17/08/97 PDT, David Downey wrote:
Yes, PGP 5.0i does support the RSALIB. Even though you can generate RSALIB based keys, why do so when there is a newer and better algorythm supplied with the 5.0? Albiet it is nice to have the support as not everyone has converted over, I still prefer the newer one. 4096 bit keys are going to be rather hard to break in this lifetime. :-) but to generate and signing a message with 4096 bits key , will take much times, than with 2048 or 1024
______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
-----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQA/AwUBM/p9wlFJDOlka9UjEQJ9OACfWHOPXiv2uiGsoGi2wXjbRBwJA7IAoNLI vpoeaqvnIPlJ24+7srQMFDTW =yLCE -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
4096 bit keys are going to be rather hard to break in this lifetime. :-) but to generate and signing a message with 4096 bits key , will take much times, than with 2048 or 1024
Diffie-Hellman keys have different standards for how long they need to be, since they're based on discrete logs rather than factoring, but the necessary lengths are similar. However, generating Diffie-Hellman keys is much faster, once you've settled on a modulus, since you don't need to search for probable primes, you just need to pick a random number that's relatively prime to the modulus-1 (trivial, if you're using a Sophie-Germain prime modulus) and maybe to the generator (also trivial.) So go for 4096, or a least use a much longer key than the 192 bits Sun once used :-). There's no particular reason _not_ to support 4096-bit RSA keys (since using dynamic-sized data structures makes programs more reliable and less susceptible to attacks like overly-long input data), but there's also really no need for keys longer than 2048 bits unless some radical algorithmic breakthrough happens. (Computer hardware breakthroughs aren't relevant; the exponential behaviour of the algorithms mean that a few extra bits makes any device that fits on the planet still too small.) 1024 bits is probably enough, but maybe not, depending on how long you need to keep something secret and how much technology improves doing your lifetime. Techniques for breaking into your computer and stealing the private key will probably improve far faster than cracking algorithms, especially as 1) Nanotech makes it much easier to recover old data off disks and send nanobots to collect and return it 2) The Singularity makes people smart enough to find all the security bugs in Win2001 3) The Fingertip Escrow Act requires recording of all keystrokes and other potentially illicit finger activities 4) Telepathy-input Yellow Sticky Notes make recording your passphrase so much more convenient. -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQBVAwUBM/0p8PthU5e7emAFAQEkzAH/QFXqB3diLTQHi12aXqFKhsoDtZJ2JhAk hyOHb9nMmOL/QnyrZ7s3SYega4Pb/cwF+e4w9/lh5+9QzYZawKq/BQ== =jAHi -----END PGP SIGNATURE----- # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list or news, please Cc: me on replies. Thanks.)
Bill Stewart <stewarts@ix.netcom.com> writes:
... but there's also really no need for keys longer than 2048 bits unless some radical algorithmic breakthrough happens. (Computer hardware breakthroughs aren't relevant; the exponential behaviour of the algorithms mean that a few extra bits makes any device that fits on the planet still too small.) 1024 bits is probably enough, but maybe not, depending on how long you need to keep something secret and how much technology improves doing your lifetime.
Sorry, but computer hardware performance is increasing exponentially, but the difficulty of factoring is subexponential in the length of the number.
At 08:13 PM 8/24/97 -0400, Anonymous wrote:
Sorry, but computer hardware performance is increasing exponentially, but the difficulty of factoring is subexponential in the length of the number.
Ok, it's subexponential, but not _very_ subexponential. For example, doubling the work to crack a 1024 bit key means adding about 10 bits, if I remember right; it's something like 2**N / log N or 2**(N/3) or some other relationship that's close enough to exponential in that adding a small number of bits doubles the workload, for values of "small" that mean it doesn't take you a substantially different amount of work to double the amount of work a cracker needs to do, or multiply it by 1024, or by 1048576. You can still kick the NSA's butt at the cost of going to next year's model for your palmtop, or adding a few megahertz into your Pentium, rather than needing to siphon off spare CPU cycles from Ft. Meade to make your cellphone encryption fast enough. # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp # (If this is a mailing list or news, please Cc: me on replies. Thanks.)
On Sun, 17 Aug 1997, David Downey wrote: [...]
Even though you can generate RSALIB based keys, why do so when there is a newer and better algorythm supplied with the 5.0?
I will be useing PGP to sign NoCeMs and I wish to maximise the number of peaple will be able to use my posts. For this I would have to use the old size key untill PGP5.0 gets a signifigent market share. Please excuse my spelling as I suffer from agraphia see the url in my header. Never trust a country with more peaple then sheep. Buy easter bilbies. Save the ABC Is $0.08 per day too much to pay? ex-net.scum and proud I'm sorry but I just don't consider 'because its yucky' a convincing argument
-----BEGIN PGP SIGNED MESSAGE----- In <Pine.OSF.3.96.970819143011.5711A-100000@oberon>, on 08/19/97 at 02:32 PM, ? the platypus {aka David Formosa} <dformosa@st.nepean.uws.edu.au> said:
On Sun, 17 Aug 1997, David Downey wrote:
[...]
Even though you can generate RSALIB based keys, why do so when there is a newer and better algorythm supplied with the 5.0?
I will be useing PGP to sign NoCeMs and I wish to maximise the number of peaple will be able to use my posts. For this I would have to use the old size key untill PGP5.0 gets a signifigent market share.
Well an OS/2 version of PGP 5.0i should be available shortly and there is work being done for a dos & atari versions. Of cource a Unix version is already available along with the Win95/NT & Mac versions available from PGP Inc. & MIT. It will not be long before PGP 5.0 is available for the majority of platforms currently being used on the desktop. - -- - --------------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBM/mdeY9Co1n+aLhhAQGGCAP+P+aN9apkHx+70x3TdhZ6c5H5RXXBhIQQ SCsEcJhONsrQWL/oI6ZmyxWID5jsAjuSrScJ5IYW4p6VTVEnaear3ZrMDvIpH/59 O7lJZfUIWjpO3WTrGtwNaMrvYd+e69uOzrwWMh1r3rU3wUggybmJKRwa7zoKUP8j dhBQy5YAAO8= =vUwn -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ? the platypus {aka David Formosa} wrote:
I will be useing PGP to sign NoCeMs and I wish to maximise the number of peaple will be able to use my posts. For this I would have to use the old size key untill PGP5.0 gets a signifigent market share.
That thinking is backwards. If you sign with a DSS key, you will increase PGP5 usage, not the other way around. Anybody is able to run PGP5 today on Win32/Mac/Linux. If you can't get access to at least one of those platforms, then you're not much of a cypherpunk, are you? Mike. -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQA/AwUBM/lGcsUc8bdD9cnfEQKYXgCfVd66SFwpZEqcMkUHlOx/Spt0JMAAnRP5 B4QDOT2JroYGSkhd2tOo8N8/ =tUkm -----END PGP SIGNATURE----- Mike.
-----BEGIN PGP SIGNED MESSAGE----- On Tue, 19 Aug 1997, Mike wrote: [...]
That thinking is backwards. If you sign with a DSS key, you will increase PGP5 usage,
I have no real interst into forceing the users into useing PGP5. I do have an interest in supporting the most commen crypotgrafic program.
If you can't get access to at least one of those platforms, then you're not much of a cypherpunk, are you?
I can (and most like will) have access to PGP5, but its not for me that I will be useing the old keys. > > Mike. > > -----BEGIN PGP SIGNATURE----- - -- Please excuse my spelling as I suffer from agraphia see the url in my header. Never trust a country with more peaple then sheep. ex-net.scum and proud You Say To People "Throw Off Your Chains" And They Make New Chains For Themselves? --Terry Pratchett -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBM/wBuqQK0ynCmdStAQFYmgP/RWVK0Zbpw/DfXj21cIZ45+fkX3MgQlL2 0WDoToJlcTwefi7OwZTYYZp5k8OyjJuin8sYoPCbErOBkGlXcgRFqNvyu3SAoDM9 ndn7tBcQbFFfYsyMY5wNM5Z/g25bnvk1KWNE8u89iCP+tdqtkvCDVoa5ssPQtS3O nBdM1CVMx6s= =h59v -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- In <3.0.3.32.19970819080948.009b9190@localhost>, on 08/19/97 at 08:09 AM, Mike <Michael.Johnson@mejl.com> said:
Anybody is able to run PGP5 today on Win32/Mac/Linux. If you can't get access to at least one of those platforms, then you're not much of a cypherpunk, are you?
I see to be an "official" Cypherpunk(TM) you can only use an approved Operating System?? I guess I woun't be getting my secret decoder ring in the mail then? Smuck! - -- - --------------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBM/xrMo9Co1n+aLhhAQG4KwP/XiVcephv5gclrh2Lww+8u8tzO4JisWCT cJ3Hx+haSA4CBkXLoBzrrst/9loFKwowyIcjXA+f+OIMiBJKQV6JmLMgL1RzcRXQ PIQJy1ZbFb4q/x0AVC39lXcDeHV5LOhyzQqdD0/n2P3cQf/TAsiYZme0oZw7mOOF GC8+wqTNFEg= =rlAC -----END PGP SIGNATURE-----
participants (8)
-
? the platypus {aka David Formosa} -
? the Platypus {aka David Formosa}
-
Anonymous -
Bill Stewart -
David Downey -
Irwan Hadi -
Mike -
William H. Geiger III