Is 1024-bit PGP key enough?
Is security provided by 1024-bit PGP key sufficient against most powerful computers that are available today? Say if smoe organization spent 10 billions of dollars on a cracking machine, would it be possible to crack the keys in reasonable time?
-----BEGIN PGP SIGNED MESSAGE----- Hi,
Is security provided by 1024-bit PGP key sufficient against most powerful computers that are available today? Say if smoe organization spent 10 billions of dollars on a cracking machine, would it be possible to crack the keys in reasonable time?
Well, this depends on a couple of definitions. For example, how do you define "reasonable time"? The most concise answer I can give you is "we don't know". An answer that would make you feel more comfortable is that we believe that factoring a 1024-bit key using GNFS is about 300,000 times harder than factoring a 512-bit key using GNFS. This doesn't take into account increase in computer power. If you take into account increase in technology at the current rate, doubling every 18 months, then a 1024-bit key should be breakable in about 100 years. However this doesn't take into account increases in algorithms. There is no way to predict the discovery of a new factoring algorithm. In addition, there is no way to predict a computational discovery which might increase the base technology faster than the current trend. To get back to your question: If smoe [sic] organization spent 10 billions [sic] of dollars on a cracking machine, would it be possible to crack the keys in a reasonable time? Well, lets assume a P100 is 50 MIPS and costs $500. Then the $10B would purchase 20 million machines. Discounting the storage requirements (factoring a number this large will probably require on the order of hundreds of GBs of storage) and end-time processing power (unknown) required to factor a 1024-bit number, this set of machines would provide "enough" relations for a 1024-bit number in about 1.5 years per key. - -derek PS: These are napkin-style numbers, and I'm making a lot of assumptions here... I assume no responsibility if you use these numbers and they are wrong. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQBuAwUBMgEcrTh0K1zBsGrxAQGNaALEDEtO8/pXZPp134SBcjUqD3NO2P3siirR 8a4pA6S15fwtVDrl2ZWeZb2XL65hbhcWpZ2s6Q3eaQOvFPOiytLtfcujUFV7ef+i 9zJKgUlUFMkOP9fmhZdjZXA= =gPv4 -----END PGP SIGNATURE-----
Somebody says:
Is security provided by 1024-bit PGP key sufficient against most powerful computers that are available today? Say if smoe organization spent 10 billions of dollars on a cracking machine, would it be possible to crack the keys in reasonable time?
Derek Atkins <warlord@MIT.EDU> responds with some useful and authoritative information -- thanks. But the original author also needs to step back and understand his security needs. In particular, if you're trying to protect your information against an enemy who is willing to spend $10B to get it, they'll have a lot of options other than hiding in a back room with some cracking equipment. Would you be willing to sell them the information you're trying to protect for (say) 10% of that $10B? Would your partner? Your wife? Jim Gillogly Hevensday, 9 Wedmath S.R. 1996, 22:37
On Thu, 1 Aug 1996, Anonymous wrote:
Is security provided by 1024-bit PGP key sufficient against most powerful computers that are available today? Say if smoe organization spent 10 billions of dollars on a cracking machine, would it be possible to crack the keys in reasonable time?
I'd bet if they wanted it that bad they'd spend a half million on buying the key. Petro, Christopher C. petro@suba.com <prefered for any non-list stuff> snow@smoke.suba.com
participants (4)
-
Derek Atkins -
Jim Gillogly -
nobody@REPLAY.COM -
snow