Welcome to the Slashdot Beta site  learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.
Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.
Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and learn more about it. Thanks for reading, and for making the site better!
We support a small subset of HTML, namely these tags:
<ecode> while(1) { do_something(); } </ecode>
connection down (0)
Anonymous Coward  more than 15 years ago  (#1907269)
Okay, I give up. What does it mean? Script kiddies? Or was NYT a subscribe site? I can't tell since it seems to have let me in without an account. Damned cookies probably sent cypherpunks combo.
Shamir's machine and EFF's Deep Crack (0)
Anonymous Coward  more than 15 years ago  (#1907270)
Of course, with quantum cryptography about to burst onto the scene, public key cryptography, sadly, may just be breathing its last breath. But I degress.
Re:This explains a lot (0)
Anonymous Coward  more than 15 years ago  (#1907271)
Re:This explains a lot (0)
Anonymous Coward  more than 15 years ago  (#1907272)
Re:Adi Shamir can play great poker! (0)
Anonymous Coward  more than 15 years ago  (#1907273)
It's actually not that bad.. (0)
Anonymous Coward  more than 15 years ago  (#1907274)
Every crypto implementation I'm aware of that uses RSA uses RSA to transmit a session key, and then uses a cipher based on the session key to transmit the actual data. This has many advantages over using just RSA to send everything  RSA is very very CPUintensive, if your data doesn't carve up easily into keysized chunks you have to add padding, you have to start worrying about the "low encryption exponent attack" (qv Schneier, page 472), etc. So increasing the size of your RSA key merely forces you to also increase the size of your session key to avoid having to pad  which is a *good* thing. And if you don't have a good source of randomness with which to build your session keys, then you're kind of screwed anyway.

 Guges 

Elliptic Curve Cryptography (ECC) Rulez! (0)
Anonymous Coward  more than 15 years ago  (#1907275)
Fixed size cyphers (0)
Anonymous Coward  more than 15 years ago  (#1907276)
Cryptography isn't that easy. In fact, it's rocket science.
huh? (0)
Anonymous Coward  more than 15 years ago  (#1907277)
RSA and DES (0)
Anonymous Coward  more than 15 years ago  (#1907278)
Re:Theoretically... (0)
Anonymous Coward  more than 15 years ago  (#1907279)
Sort of. If someone has been logging your traffic and has it all stored away on CD, they can, once the machine is built, go back and start cracking all your old traffic. If all the secrets in your old traffic were timeperishable (old passwords, mash notes to your nowex) this is no big deal. If it's "the document drop for the nuke plans is at xyz, comrade Lee", or "the PIN number on the bank account is 1076", it's a bigger deal.
The US discovered a whole batch of spies in the 50's when they figured out how decrypt some Soviet traffic from the 40's.
Re:Elliptic Curve Cryptography (ECC) Rulez! (0)
Anonymous Coward  more than 15 years ago  (#1907280)
Re:Elliptic Curve Cryptography (ECC) Rulez! (0)
Anonymous Coward  more than 15 years ago  (#1907281)
What does this mean for DiffieHellman/DSS? (0)
Anonymous Coward  more than 15 years ago  (#1907282)
Re:Elliptic Curve Cryptography (ECC) Rulez! (0)
Anonymous Coward  more than 15 years ago  (#1907283)
"Elliptic curve cryptosystems, as introduced in 1985 by Neal Koblitz and Victor Miller, have no general patents, though some newer elliptic curve algorithms and certain efficient implementation techniques may be covered by patents."
Re:RSA and DES (0)
Anonymous Coward  more than 15 years ago  (#1907284)
It is of course, more complicated in practice, but that is the idea.
Re:Time to up the keys size... (0)
Anonymous Coward  more than 15 years ago  (#1907285)
k
Re:Factoring technology (0)
Anonymous Coward  more than 15 years ago  (#1907286)
Well, so much for... (0)
Anonymous Coward  more than 15 years ago  (#1907287)
Back to the age old, time tested, absolutely secure one time pad (that and a good courier system). As soon as information, be it atoms or bits, is out of your posession or shared amoung two or more people, then it's no longer secret, authentic, or trustable.
Anyone care to comment on how this will effect their deployment of SWAN based router infrastructure?
DVDs and selective payload encryption are your friend.
Re:huh? (0)
Anonymous Coward  more than 15 years ago  (#1907288)
Re:Not all public key systems... (0)
Anonymous Coward  more than 15 years ago  (#1907289)
Well that alone isn't true. There aren't many public key systems  that's why RSA's patent has been so valuable.
I don't know of any public key systems not based on factoring large primes; which aren't?
factoring prime numbers (0)
Anonymous Coward  more than 15 years ago  (#1907290)
to factoring large prime numbers?
I read that the only thing that makes Public Key
Encryption work is that there is no way to factor
large prime numbers, or something to that effect.
Are these two things not related?
Re:It's about the increase in computer power, not (0)
Anonymous Coward  more than 15 years ago  (#1907291)
algorithms are (used to be) based on number field sieves and are superpolynomially faster than trial division. They are just at the edge of the
polynomial/exponential speed divide. This kind of idea is why 512 bit keys were said to be risky  we are seeing computer speeds and alorithms march on. Factorization has so far held up well  with many people and millions of hours and dollars thrown at it over the past decades. You never know  though!
MRK who can't log in because of firewall/cookie problems.
Re:Elliptic Curve Cryptography (ECC) Rulez! (0)
Anonymous Coward  more than 15 years ago  (#1907292)
April 7, 1999
RSA Release: RSA Data Security has been awarded a U.S. patent on a new, efficient way of converting between two popular but incompatible implementations of elliptic curve cryptography (ECC).
First....what the hell does the patent cover. Does anyone have the actual patent to view?
I have a gut feeling about this one. A few years back, I attended the RSA Conference. During this conference, which had a large contingent of "men in black", the big deal was the cost of cracking DES and they said it could be cracked for about $1 million and specialized HW. There was also a big push to increase key sizes from 1024 to 2048 bits. Even then, they were saying 512 bits was not enough for digital signatures.
Now, the patent is about to expire and they know that plenty of people are going to release their own libraries without the nasty royalty payments. Their lock on the market is about to expire. They have been very good at protecting and enforcing their patents to date and capitalizing on them. Now, they are are targetting ECC and trying to get a lock on the more common implementations. Hmmm. What do you bet they will find a way to make this patent apply to a lot of different things regarding ECC (and probably win).
Sounds like someone sold their soul to the devil to me.
Re:factoring prime numbers (0)
Anonymous Coward  more than 15 years ago  (#1907293)
My guess is that a better factoring algorithm has been found that can be implemented in hardware (probably parallel architecture).
Does anybody have any significant details on this machine?
Re:Uh, I don't know about that... (0)
Anonymous Coward  more than 15 years ago  (#1907294)
It's logical to believe this would be a set of algorithims based on the same basic ideas, be it prime factorization, the discrete log problem, or the amount of tea in China.
Re:Time to up the keys size... (1)
Anonymous Coward  more than 15 years ago  (#1907309)
Re:This explains a lot (1)
Anonymous Coward  more than 15 years ago  (#1907310)
And this is in mathematics(!), a field where dollars don't drive discoveries. What do they know about cloning, chip technology and other areas where good funding is the most significant obstacle to discoveries?
Adi Shamir can play great poker! (1)
Anonymous Coward  more than 15 years ago  (#1907311)
You can imagine my suprise as i saw this article at the NY Times, this guy was EXTREMELY convincing and there was no way to tell from his face he hade already developed a way to crack his own system! WHAT A POKER FACE!!!
The lecture by itself was a fascinating experince, but now it has become
I wish i asked him if he thinks RSA would ever be
cracked...
try67 [mailto]
Re:Shamir's machine and EFF's Deep Crack (1)
Anonymous Coward  more than 15 years ago  (#1907312)
And QC is hardly abuot to burst onto the scene... maybe in 20 years it will be ready for a non=trivial problem, but maybe not. Right now it can factor the number 4 with a little help. That's quite a ways from breaking a 1024bit prime. Also at best QC gives you a square root Order of speedup, which is impressive, but if yuo double your key length its sorted....
unbreakable algorithms (1)
Anonymous Coward  more than 15 years ago  (#1907313)
And remember  the algorithm isn't always (or, I believe, even usually) the weakest link in the chain.
Re:Elliptic Curve Cryptography (ECC) Rulez! (1)
Anonymous Coward  more than 15 years ago  (#1907314)
Unfortunately, there's been LESS public research on ECC encryption than on factoring techniques. So you might just be switching to a system that has flaws that haven't been discovered yet.
Re:HTTPS / SSL  What does this mean? (1)
Anonymous Coward  more than 15 years ago  (#1907315)
In the US, domestic versions of SSL clients and servers are limited by the U.S. Govt. to 168bit symmetric keys and 1024bit asymmetric keys. Exportgrade software is limited to 40 (or in some cases 56) bit symmetric keys, and 512bit asymmetric keys.
Re:This explains a lot (1)
Anonymous Coward  more than 15 years ago  (#1907316)
Remember that the NSA is the world's largest employer of mathematicians. It shouldn't be surprising that they have been able to make discoveries faster than anyone else.
Re:forget factoring  quantum cyphers is where its (2)
Anonymous Coward  more than 15 years ago  (#1907317)
Re:Primecontest (3)
Anonymous Coward  more than 15 years ago  (#1907318)
Take all the known primes, multiply them together and add 1. Call this x. x is not divisible by any known prime, so either x itself is a new prime, or some unknown prime divides x.
Note that there is no way to ensure x itself is a prime. In particular, there is no known formula for generating another prime from any quantity of known primes.
Going for pedant points. (1)
Eric S. Smith (162)  more than 15 years ago  (#1907319)
10 INPUT "Prime number to be factored"; A
20 PRINT "The factors are:","1",A
The difficulty, as I understand it, has more to do with determining whether a given large number is prime, or the product of two primes (and if so, which ones), or something like that.
I don't really understand the math that makes the cool public key stuff work, but I do know that the special thing about prime numbers is that they don't have factors (beyond the trivial ones produced by my 2line BASIC program above). Contrast 7 (prime) with 6 (nonprime), for example. Two times three makes six, but what, besides one times seven, makes seven?
Re:Not all public key systems... (1)
Bobort (289)  more than 15 years ago  (#1907320)
This explains a lot (2)
Skyshadow (508)  more than 15 years ago  (#1907321)

Time to up the keys size... (2)
strredwolf (532)  more than 15 years ago  (#1907322)
But this means we could see a way of speeding up Distributed.net's RC64 contest!!!

Spammed? Click here [sputum.com] for free slack on how to fight it!
QC = Quantum Computing (2)
cduffy (652)  more than 15 years ago  (#1907323)
Check out openqubit.org; They're working on a simulator for these things...
There's a Scientific American on the subject at:
http://www.sciam.com/1998/0698issue/0698gers
Re:Security through openness (1)
Olivier Galibert (774)  more than 15 years ago  (#1907324)
BTW, RSADSI is probably the only cryptography company that had at a time proprietary cyptography systems trusted by the community (rc2 and rc4). Rivest effect, I guess.
OG.
Urm... (1)
sjames (1099)  more than 15 years ago  (#1907326)
The public key is used to protect a 128 bit symmetric key (one time pad) in PGP. The symmetric key encrypts the plaintext. This is because the RSA method takes too long to use directly on the plaintext. Thus, we already have 2048 bit keys protecting 128 bit plaintexts.
Re:huh? (1)
sjames (1099)  more than 15 years ago  (#1907327)
In this case. The symmetric key used is a 128 bit key chosen at random (and thus in this case, it is a one time pad). The algo used is 3des. One time pad just means the key is meant to be used only once. In practice, most OTP keys are for symmetric algos.
Re:What does this mean for DiffieHellman/DSS? (1)
sjames (1099)  more than 15 years ago  (#1907328)
Are they crackable in the same short period of time?
Based on the similarity of the problem, probably. The prudant move is to assume yes, and use longer keys. In fact, use longer keys for any public key system (1024 should be safe for a while, but use 2048 for anything really important.
Theoretically... (1)
Millennium (2451)  more than 15 years ago  (#1907330)
In other words, you're probably safe for about a week after Shamir reveals the algorithms (which I don't think he's actually done yet). Then, well, I'd look into stronger security.
Re:Factoring technology (2)
slk (2510)  more than 15 years ago  (#1907331)
As the length of the key increases, so does the amount of pad needed to encode short messages. For example, if your key was 8kb long and you encrypted a 2kb email message, you would have 6kb of padding. This means, among other things, that you have 6kb of known plaintext, and also, the large amount of pad would affect the output of the cipher so that the result isn't as random or difficult to decipher as it theoretically should be with that key length.
This is why increasing key length can only happen for a limited time, and we need to keep looking for better algorithms.
Re:Security through openness (2)
YogSothoth (3357)  more than 15 years ago  (#1907332)
Security through openness (4)
YogSothoth (3357)  more than 15 years ago  (#1907333)
Re:Factoring technology (1)
stripes (3681)  more than 15 years ago  (#1907334)
Random numbers are far better then known plaintext. Random numbers are also really hard to get on current machines. What we have is psudorandom (see the man page for random), and on someOSes wedidsomestuffthatmaybeprettyrandom (see /dev/random). Psudorandom isn't so much better then known plaintext, in part because sometimes it ends up being known plaintext (like if a program uses the "normal" method of seting the random number seed to the current time, you will amost know the random text). In part because the streams some RNGs make can be recognised.
Still psudorandom would be better then knownnotrandom.
Also the original message had a small flaw, eight times the current 2K *bit* key size is 2K *bytes*, which isn't way huger then many things you may want to protect. Still if we have to keep expanding the key space every few years it will become a real problem.
No surprise, just a little dissapointment (1)
Streib (4105)  more than 15 years ago  (#1907335)
It was good to see DES last for so long with no real "cracks" that weren't massive brute force. Even today, triple DES looks like it will be pretty strong for a long time.
At least with the openness of the algorithms in question, we'll at least be educated as to how strong they really are, under current technology at least.
Re:Factoring technology (1)
jsproul (4589)  more than 15 years ago  (#1907336)
DETAILS!!! Where are the details!!!!???? (1)
Uruk (4907)  more than 15 years ago  (#1907337)
Currently, with packages like maple and mathematica, on a decent box you can factor primes that are reasonably big, but nowhere near in the range of what RSA uses. This special "machine" Shamir says he's thought up...I need the details!!!
Re:HTTPS / SSL  What does this mean? (1)
Martin Foster (4949)  more than 15 years ago  (#1907338)
This is diffrent from the asymmetric encryption methods used for PGP, and their strenght is measured differently as well.
A good page to get very basic knowledge on this... Which is incidently where I got this from can be found at the following site.
http://wwwusers.informatik.rwthaachen.de/~sen
Re:Primecontest (1)
Sesse (5616)  more than 15 years ago  (#1907340)
The prize is $50,000 for the first 1 million digit prime, $100,000 for the first 10 million and so on up to 1 billion digits. It all goes to you.
/* Steinar */
RSA has not been broken (1)
Sesse (5616)  more than 15 years ago  (#1907341)
Repeat: RSA has not been broken. Shamir has only found a better way of factoring numbers (but he hasn't even made the machine he's been talking about).
/* Steinar */
Re:Security through openness (2)
Jeffrey Baker (6191)  more than 15 years ago  (#1907344)
The closed part of most closed cryptosystems is the implementation. Of course, nobody should trust a crypto implementation for which they do not have the source, lest the code be mailing your private keys back to the manufacturer/NSA/whomever.
jwb
Re:connection down (1)
CMiYC (6473)  more than 15 years ago  (#1907345)

Re:AES (1)
craw (6958)  more than 15 years ago  (#1907346)
AES (3)
craw (6958)  more than 15 years ago  (#1907347)
This was taken from the AES site:
A process to develop a Federal Information Processing Standard (FIPS) for Advanced Encryption Standard (AES) specifying an Advanced Encryption Algorithm (AEA) has been initiated by NIST. NIST is currently soliciting candidate algorithms for inclusion in the AES. It is intended that the AES will specify an unclassified, publiclydisclosed encryption algorithm available royaltyfree worldwide, that is capable of protecting sensitive government information well into the next century. It is also hoped that this standard will be as widely accepted as the Data Encryption Standard (DES) in the private and public sectors.
I looked at one of the algorithms, but it just made my head hurt.:)
Anyone ever seen sneakers? (0)
Cosmo (7086)  more than 15 years ago  (#1907348)
Re:Factoring technology (4)
Andreas Bombe (7266)  more than 15 years ago  (#1907349)
Re:quantum cryptanalysis = TEOTWAWKI (1)
fishbowl (7759)  more than 15 years ago  (#1907351)
We need a catchy, or at least pronounceable name,
if we want widespread adoption.
If it doesn't work can the patent lift? (1)
fishbowl (7759)  more than 15 years ago  (#1907352)
the "apparatus" being patented has to work?
That way they stopped people patenting perpetual motion machines and so on...
Re:Security through openness (2)
fishbowl (7759)  more than 15 years ago  (#1907353)
believe that keeping their encryption algorithms or security holes secret
somehow makes them more secure."
It buys them time...
If they publish their weak code or their security
holes, they are in trouble right away. Otherwise
they are in trouble, maybe, at some unspecified future time. "They" can live with that. One way
they get money, one way they do not.
Another thing to consider is the soft job market.
The people who wrote your code don't work there anymore, by and large. This is the downside of the ease of finding hightech jobs, but I digress.
HTTPS / SSL  What does this mean? (1)
jwsh (8945)  more than 15 years ago  (#1907354)
Anyway, What does this mean for my https server? I only allow 128bit or better clients, but does this mean potentially anyone sniffing the packets in between me and the clients would (given this nifty new hardware) be able to see everything that is being sent? (or at least with a far greater degrree of ease than before?) I'm afraid I'm not up on my crypto..
quantum cryptanalysis = TEOTWAWKI (3)
parallax (8950)  more than 15 years ago  (#1907355)
Factoring large numbers in polynomial time is one of only two known algorithms for quantum computers. A modest quantum computer, if it could be built, would crack every primefactorization cryptosystem currently in use (which is everything, essentially).
Researchers here at the Media Lab have already built a two quantumbit bulk spinresonance quantum computer. There are significant technical challenges to building a quantum computer large enough for cryptanalysis, but there is currently no reason to believe that this is impossible. If it can be done, it will almost certainly be done in the next five to ten years; major governments and private companies all over the world are pouring lots of money into this effort.
RSA is good, but we need to start developing cryptography algorithms which aren't factoring based (or reducible to prime factoring), and we need to start NOW. If there isn't a strong, widelyavailable nonfactoring crypto implementation if/when the quantum computing breakthrough happens, all hell is going to break loose.
You're worried about the banks dropping a few transactions on Y2K? How about someone spoofing the Federal Reserve Banking Netowrk and bringing the global economy to its knees.
parallax
They don't know for sure if it will work... (1)
Accumulator (9389)  more than 15 years ago  (#1907356)
Primecontest (1)
Accumulator (9389)  more than 15 years ago  (#1907357)
Re:Factoring technology (check out RSA's website) (2)
incubus (9714)  more than 15 years ago  (#1907359)
The rsa FAQ is pretty interesting
Nope! Re:Fixed size cyphers (1)
trims (10010)  more than 15 years ago  (#1907360)
Perhaps you are thinking of certain symetric cyphers like DES or IDEA. Both have fixed key lengths. However, many other algorithms don't suffer from such a limitation. A good example is Blowfish, which (IIRC) has a key length from 64 to 448 bits, variable.
Check out Applied Cryptography for examples of other variablelength cyphers.
Whether increasing keylength is a good idea or not, though... 128bit keys are secure against any brute force search for a very long time ( even at 1 billion billion billion try/sec (ie 2^27)) it takes ~8e22 YEARS to break. Increasing a key further than this is silly. Symetric algorithms are invulnerable to advances in factoring and related math; they are vulnerable only to weaknesses in their underlying design.
Erik
Re:HTTPS / SSL  What does this mean? (1)
madbrain (11432)  more than 15 years ago  (#1907362)
The symmetric key is used for encrypting the data itself. However, obviously both sides need to have the key for it to work. The first step in SSL is a key exchange mechanism. Typically a symmetric RC4 key is generated by the client, then sent to the server encrypted with the server's public RSA key. Other ciphers are available as well but the RSA / RC4 combination is the most common.
Re:Not all public key systems... (1)
Detritus (11846)  more than 15 years ago  (#1907363)
My memory is a bit fuzzy, but I remember there were a large number of PK systems before RSA that were proposed and then cracked in rapid succession.
Re:Factoring technology (1)
Wag the Dog (12835)  more than 15 years ago  (#1907365)
Is this overly easy or am I missing something?
Factoring technology (3)
Rayban (13436)  more than 15 years ago  (#1907366)
Because it relies on the product of two large primes, RSA will always be vulnerable to advances in factoring technology. In about five years, even the 1024bit keys may become easily breakable. Until a real method to factor numbers faster than currently becomes available, we are going to find that RSA is still the most powerful encryption algorithm available (security vs. speed). I would recommend that the minimum key length in bits be increased to at least 8 times the maximum for easily broken keys.
In this case, 512 is easy to break, so 4096 should be the standard. This should yield a number of years of security. And, as always, make sure you give your keys oneyear expiry dates.
Re:Primecontest (1)
dirty (13560)  more than 15 years ago  (#1907367)
Re:Anyone ever seen sneakers? (1)
nester (14407)  more than 15 years ago  (#1907369)
Re:Shamir's machine and EFF's Deep Crack (1)
Compuser (14899)  more than 15 years ago  (#1907370)
SLIGHTLY! (1)
Codeine (18332)  more than 15 years ago  (#1907371)
They knew when they published, they've watched half a hundred stumbling steps and laughed, and finally, after selling bogus security for 15 years, they laugh all the way to the bank and disprove themselves, so we can pay them more money to fix what they knew was broken.
Uh, I don't know about that... (1)
Corbett J. Klempay (20854)  more than 15 years ago  (#1907373)
CJK, frantically trying to finish up his crypto semester project (due tomorrow), which deals with discrete log public key crypto
Uh, not so fast.. (1)
Corbett J. Klempay (20854)  more than 15 years ago  (#1907374)
(and I'm not sure that the statement about no patents is necessarily true)
But yes, ECC _is_ cool...but needs more research. Lots of people would be a little wary of implementing it, since EC cryptosystems haven't gotten as much scrutiny as of yet.
CJK
Wow, lay off the crack... (1)
Corbett J. Klempay (20854)  more than 15 years ago  (#1907375)
CJK
??? What are you talking about? (1)
Corbett J. Klempay (20854)  more than 15 years ago  (#1907376)
Sure, this shows a weakness in RSA (but if you are using 512bit keys right now, you are living dangerously as far as what's recommended)
Shamir's discovery doesn't imply any weaknesses in the entire class of public key cryptosystems based around discrete logs. (or other public key cryptosystems not based around prime factorization, such as some knapsack types and McEliece, based on algebraic coding)
The one time pad is impractical for all but a very narrow group of scenarios.
CJK
Not all public key systems... (1)
Corbett J. Klempay (20854)  more than 15 years ago  (#1907377)
CJK
?? What you're saying makes no sense. (1)
Corbett J. Klempay (20854)  more than 15 years ago  (#1907378)
CJK
Re:Not all public key systems... (1)
Corbett J. Klempay (20854)  more than 15 years ago  (#1907379)
You have ElGamal, based on discrete logs...(and the discrete log problem generalizes easily to allow for many many many variants on the same principle). DSA is based on discrete logs, too.
Most EC cryptosystems are based on an analog of the the discrete log problem on a finite field...generally a more intractable problem than the general discrete log problem (except for a few degenerate cases, in which it reduces to the problem of discrete log in a finite field).
McEliece, based on algebraeic coding theory...
I think there is one cryptosystem based on the knapsack problem which is yet unbroken (most knapsacks are shown to be weak)
CJK
Re:quantum cryptanalysis = TEOTWAWKI (1)
Corbett J. Klempay (20854)  more than 15 years ago  (#1907380)
CJK
Practical Issues??? (2)
Corbett J. Klempay (20854)  more than 15 years ago  (#1907382)
Sensible key sizes are a much better solution. Using the max key size 'just because it's there' is just wasteful (and slow as hell).
CJK
Re:Anyone ever seen sneakers? (1)
toolie (22684)  more than 15 years ago  (#1907384)
Not published yet (1)
admcd (23824)  more than 15 years ago  (#1907385)
Spine tingling  I thought of sneakers as I read (1)
Cptn Proton (29372)  more than 15 years ago  (#1907391)
To be honest, I always thought that the movie 'sneakers' would remain fiction, with any attack done the 'brute' force way, which really made these cyphers intractable.
I thought that the story was well written, and this just proves it.
forget factoring  quantum cyphers is where its at (1)
Cptn Proton (29372)  more than 15 years ago  (#1907392)
Theoretically this cypher is the cypher to end all cyphers. I say 'theoretically' because that's the way it is for all codes, until perserverance and science break them.
But the quantum mechanical cypher is pretty convincing. Any one have good links?
Re:They don't know for sure if it will work... (1)
Centove (29943)  more than 15 years ago  (#1907393)
That he is aware of. The governments have a way of keeping things real secret when its in the intrest of 'national security'. Ah well maybe I'm being paranoid.
It's about the increase in computer power, not RSA (3)
BIFFSTER (31667)  more than 15 years ago  (#1907394)
All this heralds is that computing power has acheived another milestone, and that it's gotten easier/faster to factor numbers  and thus crack crypto.
Let it be pointed out, though, that the difficulty increase for each bit increase is exponential, not linear, so 768/1024/2048 bit RSA keys should be safe for quite some time...
maybe 10 years? HHOS.
Re:unbreakable algorithms (1)
paul r (32049)  more than 15 years ago  (#1907395)
Since what you are combining with is totally random there is no way to crack this system. One decryption is equally as likely as any other. I'm looking forward to Tuesday to see what the paper turns out to be.
Re:Primecontest (2)
acarey (34175)  more than 15 years ago  (#1907399)
Cheers
Alastair
Re:AES (2)
mistshadow (35753)  more than 15 years ago  (#1907400)
Re:It's about the increase in computer power, not (1)
isidore (37373)  more than 15 years ago  (#1907401)
Re:It's about the increase in computer power, not (1)
isidore (37373)  more than 15 years ago  (#1907402)
Re:Shamir's machine and EFF's Deep Crack (1)
TheSlack (41111)  more than 15 years ago  (#1907403)