[cryptography] Eccentricity: How Hard to Crack a Cryptosystem
jya at pipeline.com
Mon Sep 2 17:49:37 EDT 2013
One of the many eccentricities of crypto is speculating on how
long and how much computing power would be needed to crack
a particular cryptosystem, its algorithm or "implementation."
A favorite of popular writing on the topic, it is likely these
claims are pure fiction fabricated to satisfy headlines and
deadlines -- and, as always, to market or rididule a competitor's
piece of shit.
No Wikipedia entry on the phrase "crypto implementation,"
the all-time favorite excuse for the shit's absolute certain failure.
Some examples among hundreds:
DigiCert's base standard is to use 2048-bit keys in secure SSL
certificates - that is enormously stronger than anything Lenstra et
al attempted, in fact, it would require factoring a 617-digit number.
RSA Labs claim (see: http://www.rsa.com/rsalabs/node.asp?id=2004)
that 2048-bit keys are 2^32 (2 to the power of 32) times harder to
break using NFS, than 1024-bit keys. 2^32 = 4,294,967,296 or almost
4.3 billion, therefore breaking a DigiCert 2048-bit SSL certificate
would take about 4.3 billion times longer (using the same standard
desktop processing) than doing it for a 1024-bit key. It is therefore
estimated, that standard desktop computing power would take
4,294,967,296 x 1.5 million years to break a DigiCert 2048-bit SSL
certificate. Or, in other words, a little over 6.4 quadrillion years.
In putting together our video, we estimated the age of the Universe
to be 13,751,783,021 years or a little over 13.75 billion years,
therefore if you tried to break a DigiCert 2048-bit SSL certificate
using a standard modern desktop computer, and you started at the
beginning of time, you would have expended 13 billion years of
processing by the time you got back to today, and you would still
have to repeat that entire process 468,481 times one after the other
into our far far distant future before there was a good probability
of breaking the certificate. In fact the Universe itself would grow
dark before you even got close.
How secure is AES against brute force attacks?
Mohit Arora, Sr. Systems Engineer & Security Architect, Freescale Semiconductor
5/7/2012 05:29 PM EDT
Even with a supercomputer, it would take 1 billion billion years to
crack the 128-bit AES key using brute force attack. This is more than
the age of the universe (13.75 billion years). If one were to assume
that a computing system existed that could recover a DES key in a
second, it would still take that same machine approximately 149
trillion years to crack a 128-bit AES key.
The clock is ticking for encryption
The tidy world of cryptography may be upended by the arrival of
By Lamont Wood
March 21, 2011 06:00 AM ET
Today's encryption algorithms can be broken. Their security derives
from the wildly impractical lengths of time it can take to do so.
Let's say you're using a 128-bit AES cipher. The number of possible
keys with 128 bits is 2 raised to the power of 128, or 3.4x1038, or
340 undecillion. Assuming no information on the nature of the key is
available (such as the fact that the owner likes to use his or her
children's birthdays), a code-breaking attempt would require testing
each possible key until one was found that worked.
Assuming that enough computing power was amassed to test 1 trillion
keys per second, testing all possible keys would take 10.79
quintillion years. This is about 785 million times the age of the
visible universe (13.75 billion years). On the other hand, you might
get lucky in the first 10 minutes.
But using quantum technology with the same throughput, exhausting the
possibilities of a 128-bit AES key would take about six months. If a
quantum system had to crack a 256-bit key, it would take about as
much time as a conventional computer needs to crack a 128-bit key.
A quantum computer could crack a cipher that uses the RSA or EC
algorithms almost immediately.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography