camera_lumina at hotmail.com
Wed Jul 19 09:06:18 PDT 2006
I was thinking about this statement...
>I'd bet money the NSA has been able to crack RSA since 1996.
>Eric Michael Cordian 0+
>O:.T:.O:. Mathematical Munitions Division
>"Do What Thou Wilt Shall Be The Whole Of The Law"
By this I assume you don't mean through buffer overflows or exploiting
obscure bits of cluelessness. You mean "brute force", but (obviously)
through the use of algorithms we Spy-ees aren't aware of.
I'd say that's absurd paranoid thinking, but on the other hand...
1. There's been no 'proof' per se about the intractability of factoring,
2. Seems like the Feds veryu suddenly gave up fighting encryption a few
years ago. I assumed this was because of the rapid rise of electronic
transactions and communications, but maybe...
3. We never discover anything that makes us realize that the factoring
problem is a lot HARDER than we realized....every few years there's a small
inroad made here for this kind of prime factor, another discovery there and
so on that renders RSA fairly trivial for certain categories of primes.
Given several footbalfields' worth of well-payed encryption talent working
for several decades, seems to me they could certainly at least be ahead of
the civilian world in this area (silicon chip fabrication is another issue
Is this correct?
If the statement is true (ie, 'NSA has been able to crack RSA...'), it's not
necessarily the end of the world. I'd bet that it's still potentially VERY
expensive on average, though the scary thing is that some messages might
fall apart easily. In fact...a search for a subtle and inexplicable steering
of the prime space used by some implementations would be telling. Am I
talking out my ass here?
Another interesting thing is that it almost doesn't matter. Buffer overflows
and other indirect attack are such that one should consider a lone encrypted
message sitting out there like a sitting duck painted bright red. Better
still to paint that duck white and stick him in a bigass flock. In other
words, it might make sense at this point to regard RSA as crackable and then
rethink how to hide the significance of encryption itself...
More information about the cypherpunks-legacy