Does PGP compress the text before it is encoded? Does this allow a cracker to search for the compression's signature after every attempt? Is there a checksum that a cracker could use to test for success after every attempt? Would using UUENCODE on the text and deleting the "begin/end" lines before encrypting it have a synergistic effect on the difficulty of cracking a secret key from that particular message? Is there an easy way to generate keys larger than 1024 bits?
Does PGP compress the text before it is encoded?
Yes. It uses the zip algorithm (I think) as its compression engine.
Does this allow a cracker to search for the compression's signature after every attempt?
Every attempt? You mean every attempt at encryption? Well, yes and no. Yes, there is a semi-known plaintext inside the encrypted data. It is unknown if this can help an attacker.
Is there a checksum that a cracker could use to test for success after every attempt?
The only checksums are the ASCII-armor checksums, and the MD5 hash which is inside the RSA signature. Other than these, there are no checksums. Neither of these can be used to aid an attacker.
Would using UUENCODE on the text and deleting the "begin/end" lines before encrypting it have a synergistic effect on the difficulty of cracking a secret key from that particular message?
This would give an attacker even MORE of a plaintext attack, since this will create lines of 64 characters, starting with an "M", which gives a regular pattern to the plaintext.
Is there an easy way to generate keys larger than 1024 bits?
No. However given current technology and assuming no significant breakthroughs in factoring algorithms, a 1024 bit key wont be broken for over a million year (significantly more, if I recall). Hope this helps. -derek
participants (2)
-
Derek Atkins -
nobody@Menudo.UH.EDU