RSA is weak link

Karl Lui Barrus klbarrus at owlnet.rice.edu
Fri Jan 21 12:18:11 PST 1994


-----BEGIN PGP SIGNED MESSAGE-----

>    ...the IDEA encryption algorithm used in PGP is actually
>    MUCH stronger than RSA given the same key length.  Even with a 1024 bit
>    RSA key, it is believed that IDEA encryption is still stronger, and,
>    since a chain is no stronger than it's weakest link, it is believed that
>    RSA is actually the weakest part of the RSA - IDEA approach.
>Confirmation?

True; it is more expensive to do a brute force search over the IDEA
keyspace than it is to factor a 1024 bit number using the best known
factoring algorithm :)

I did some calculations once and I think the crossover point is
between 1500 and 1600 bits, at which point factoring becomes more
difficult than searching.



-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLUA1OoOA7OpLWtYzAQGjwwQAwhDqTc6TKZqEjfO1xbC1llasfVfOL3wM
72ofDeWtw7vtdxFb98iLShomdwr12G6I+7qbHwzKyLM5+r/T/DzNRAW2e+MD894Y
DNAZazRz2YLuiGpr0LBSC1S6EyFbtcuwoPh1U5LORyUrEo4YCJsYYoFfcnN+Vb8B
ddv28VkktBs=
=irY2
-----END PGP SIGNATURE-----






More information about the cypherpunks-legacy mailing list