
A Mighty Number Falls

kdawson posted more than 6 years ago | from the time-to-generate-new-keys dept.

Math 348

space_in_your_face writes "An international team has broken a long-standing record in an impressive feat of calculation. On March 6, computer clusters from three institutions (the EPFL, the University of Bonn, and NTT in Japan) reached the end of eleven months of strenuous calculation, churning out the prime factors of a well-known, hard-to-factor number — 2^1039 - 1 — that is 307 digits long." The lead researcher believes "the writing is on the wall" for 1024-bit encryption. "Last time, it took nine years for us to generalize from a special to a non-special hard-to factor number (155 digits). I won't make predictions, but let's just say it might be a good idea to stay tuned."


348 comments

Um.... (1, Insightful)

Anonymous Coward | more than 6 years ago | (#19224955)

Slide rule?

What are they? (4, Funny)

Hatta (162192) | more than 6 years ago | (#19224979)

I read TFA, it didn't say what the factors were. Does anyone know?

Re:What are they? (5, Funny)

jfengel (409917) | more than 6 years ago | (#19225041)

Hang on, I'm working on it. I'll get back to you.

Re:What are they? (4, Funny)

Hatta (162192) | more than 6 years ago | (#19225083)

Hang on, I'm working on it. I'll get back to you.

It's not going to take 11 months is it?

Re:What are they? (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#19225335)

for the joke to go over your head? no, it flew pretty damn quickly.

Re:What are they? (4, Funny)

IthnkImParanoid (410494) | more than 6 years ago | (#19225071)

They were about to write them down when the computer was destroyed to make way for a hyperspace bypass. I guess we'll find out in 11 months or so.

On the plus side, the staff has quicker access to the nearest janitorial supply closet.

duh (0)

Anonymous Coward | more than 6 years ago | (#19225095)

it didn't say what the factors were

they are numbers that are only divisible by 1 and themselves. duh.

Re:duh (0)

Anonymous Coward | more than 6 years ago | (#19225367)

http://en.wikipedia.org/wiki/Prime_factor [wikipedia.org]
"Determining the prime factors of a number is an example of a problem frequently used to ensure cryptographic security in encryption systems; since one must find not only the factors of a number, but prove that those factors are prime, this problem takes time exponentially proportional to the length of the number - it is relatively easy to construct a problem that would take longer than the known age of the Universe to calculate on current computers."

Re:What are they? (5, Informative)

Anonymous Coward | more than 6 years ago | (#19225147)

2^1039-1=
1159420574 0725730643698071 48876894640753899791 70201772498686835353882248385
9966756608 0006095408005179 47205399326123020487 44028604353028619141014409345
3512334712 7396798885022630 75752809379166028555 10550042581077117617761009413
7970787973 8061870084377771 86828680889844712822 00293520180607475545154137071
1023817

factors:

5585366661 9936291260 7492046583 1594496864
6527018488 6376480100 5234631985 3288374753
×
2075818194 6442382764 5704813703 5946951629
3970800739 5209881208 3870379272 9090324679
3823431438 8414483488 2534053344 7691122230
2815832769 6525376091 4101891052 4199389933
4109711624 3589620659 7216748116 1749004803
6597355734 0925320542 5523689

(spaces added because of lameness filter)

Re:What are they? (5, Funny)

brunascle (994197) | more than 6 years ago | (#19225311)

for the love of god, please tell me you got those numbers from the results of the project

Re:What are they? (2, Informative)

Anonymous Coward | more than 6 years ago | (#19225501)

2^1039-1=
1159420574 0725730643698071 48876894640753899791 70201772498686835353882248385
9966756608 0006095408005179 47205399326123020487 44028604353028619141014409345
3512334712 7396798885022630 75752809379166028555 10550042581077117617761009413
7970787973 8061870084377771 86828680889844712822 00293520180607475545154137071
1023817
Um, no it's not - that's somewhere between 2^1016 and 2^1017. Your factorisation is otherwise correct, but these aren't the numbers we're looking for.

Re:What are they? (1, Informative)

Anonymous Coward | more than 6 years ago | (#19225579)

you are right, this is actually the cofactor that has been found to 2^1039, I apologize =)

Re:What are they? (1)

jimstapleton (999106) | more than 6 years ago | (#19225775)

I would have to say that python agrees with you...

>>> 2**1039-1
58906 80864 31683 67664 47387 24917 74762 47119
38696 45981 50177 53575 68993 76584 32079 46555
59932 59138 49006 50140 34006 38916 15625 81754
37632 23144 51080 38858 45624 60719 42881 07610
69833 17459 92221 53387 11318 93632 01210 62386
22173 92146 90332 88521 55899 78237 00137 18480
62018 26907 36866 95341 12523 82072 65913 54912
10334 38768 44956 20912 65765 28293 887

however this is 313 not 307 digits as stated in the article... (8 rows with 7 columns plus one row with 6 columns @ 5 numbers per cell, with a left over cell of 3: (8*7+6)*5+3)

So is python wrong, or is the 307 digit estimate wrong?

Re:What are they? (2, Informative)

Hatta (162192) | more than 6 years ago | (#19225519)

Odd, the factors you give do multiply to give the product you say, but according to bc: 2^1039-1=

58906808643168367664473872491774762471193869645981 501775357568993765\
84320794655559932591384900650140340063891615625817 543763223144510803\
88584562460719428810761069833174599222153387113189 363201210623862217\
39214690332885215589978237001371848062018269073686 695341125238207265\
91354912103343876844956209126576528293887

Re:What are they? (5, Funny)

Anonymous Coward | more than 6 years ago | (#19225785)

Hey, that's the same combination I have on my luggage!

Re:What are they? (0)

Anonymous Coward | more than 6 years ago | (#19225535)

This number is rejected to be a Mersenne prime [wikipedia.org] number.


From now, the keys of RSA must be minimally 16x 1024 - 1 = 16383 bits!!! (~2048 bytes)
because RSA 1024 bit is very vulnerable from today to the future.
It's polished to be decyphered your cyphered messages from the past!


I'm sorry, the RSA is still insecure for the 2030 year.

Damn, beaten, somewhat. (5, Informative)

DemonThing (745994) | more than 6 years ago | (#19225623)

There are actually three prime factors; the two you listed, and the small factor 5080711. Thus:

2^1039-1 = 5080711 * 55853666619936291260749204658315944968646527018488 637648010052346319853288374753 * 20758181946442382764570481370359469516293970800739 52098812083870379272909032467938234314388414483488 25340533447691122230281583276965253760914101891052 41993899334109711624358962065972167481161749004803 659735573409253205425523689

is the correct factorization, as can be readily verified.

Also:
http://www.heise.de/english/newsticker/news/90031 [heise.de]
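An added example (not part of the comment above, and not code from the factoring project): a Python check of the three factors quoted in this thread. It shows why the full number has 313 digits while the hard cofactor left after dividing out 5080711 has 307. The function names and the choice of Miller-Rabin bases are assumptions of this sketch; the digit strings are copied from the comments.

```python
# Added example: verify the factorization of 2^1039 - 1 quoted in the thread.
# Digit strings are copied from the comments; helper names are hypothetical.

def parse(digits: str) -> int:
    """Turn a whitespace-grouped digit string (as posted) into an int."""
    return int("".join(digits.split()))

SMALL = 5080711
P80 = parse("""
    5585366661 9936291260 7492046583 1594496864
    6527018488 6376480100 5234631985 3288374753
""")
P227 = parse("""
    2075818194 6442382764 5704813703 5946951629
    3970800739 5209881208 3870379272 9090324679
    3823431438 8414483488 2534053344 7691122230
    2815832769 6525376091 4101891052 4199389933
    4109711624 3589620659 7216748116 1749004803
    6597355734 0925320542 5523689
""")
N = 2**1039 - 1

# Fixed bases keep the run reproducible. For numbers this large the test is
# probabilistic: a prime always passes, a composite is almost always caught.
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n: int) -> bool:
    """Miller-Rabin strong probable-prime test over BASES."""
    if n < 2:
        return False
    for p in BASES:                      # cheap trial division first
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:                    # write n - 1 = d * 2^s with d odd
        d //= 2
        s += 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                 # a is a witness: n is composite
    return True

def check_posted_factorization() -> dict:
    """Compare the posted factors against 2^1039 - 1 and report sizes."""
    factors = (SMALL, P80, P227)
    cofactor = P80 * P227                # the part that needed the sieve
    return {
        "product_matches": SMALL * cofactor == N,
        "all_probable_primes": all(is_probable_prime(f) for f in factors),
        "n_digits": len(str(N)),
        "cofactor_digits": len(str(cofactor)),
        "cofactor_bits": cofactor.bit_length(),
        "factor_digits": [len(str(f)) for f in factors],
    }

if __name__ == "__main__":
    for key, value in check_posted_factorization().items():
        print(f"{key}: {value}")
```
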

Re:What are they? (1)

Excors (807434) | more than 6 years ago | (#19225633)

You missed one:

5080711
x
5585366661 9936291260 7492046583 1594496864
6527018488 6376480100 5234631985 3288374753
×
2075818194 6442382764 5704813703 5946951629
3970800739 5209881208 3870379272 9090324679
3823431438 8414483488 2534053344 7691122230
2815832769 6525376091 4101891052 4199389933
4109711624 3589620659 7216748116 1749004803
6597355734 0925320542 5523689
= 2^1039-1

Re:What are they? (4, Funny)

VAXcat (674775) | more than 6 years ago | (#19225169)

I know them, but I can't tell you, since they are also copyrighted AACS keys...

Re:What are they? (2, Informative)

fbjon (692006) | more than 6 years ago | (#19225465)

If you mean 0x09F911029D74E35BD84156C5635688C0, it's not very difficult to factorise actually.

How many people have the computing power ... (1)

0racle (667029) | more than 6 years ago | (#19224995)

that was used for this? I don't think I have to worry about the usability of 1024bit encryption for a while yet.

Not now, but in a few years Moore's law will trump (1)

Palmyst (1065142) | more than 6 years ago | (#19225047)

And by that time, I presume somebody would have figured an algorithm that works on general numbers as well as the SNFS works on 2^n - 1 type of numbers.

Re:How many people have the computing power ... (4, Informative)

tomstdenis (446163) | more than 6 years ago | (#19225073)

That's not even the point. The algorithm used to factor 2^k - 1, is generally the SNFS which is a highly optimized variant of the NFS, even faster than the GNFS. To factor RSA numbers you need the GNFS.

That said, not all 1024-bit numbers are hard to factor, in fact you have about a 1 in 300 chance of pulling a 1024-bit prime out of your ass. The trick here is that RSA numbers are random and have less algebraic structure than Mersenne numbers.

Of course, with all that said, people should be using ECC anyways.

Tom

Re:How many people have the computing power ... (5, Insightful)

Anonymous Cowpat (788193) | more than 6 years ago | (#19225135)

governments. Who, incidentally, are the prime targets for using encryption against.

Re:How many people have the computing power ... (1)

BosstonesOwn (794949) | more than 6 years ago | (#19225291)

According to Moore's Law about 18 months and your cell phone will be able to do it.

All kidding aside, with all the zombie boxen in this world a well motivated botnet could brute force the key in maybe less time, hmmm new use for bot net. Key crackers. Bet that makes the **AA offices really worried. Might make it easier to brute force keys.

distributed network computing? (1)

MikeFM (12491) | more than 6 years ago | (#19225345)

All you have to do is set up something like distributed.net and you can crank through pretty fast. If hackers can infect millions of systems for massive DDOS attacks I think they could probably create a massive distributed computing platform. Vista will only make things easier because it forces a powerful video card on every system. If the distributed network can harness those video cards for number crunching they'll be a lot faster than networks running on just the CPU.

Re:distributed network computing? (4, Interesting)

CastrTroy (595695) | more than 6 years ago | (#19225475)

But with this kind of computation time, you just have to send lots of junk traffic to make them waste all their computing resources. If you send out 500 messages a day, only 1 of which has actual usable information in it, then they are going to be wasting a lot of computing resources just to find out which messages actually have usable information. With computation times this high, it would be easy to flood them with data so that they wouldn't have enough time to decrypt everything.

Re:distributed network computing? (3, Funny)

Dancindan84 (1056246) | more than 6 years ago | (#19225683)

So that's what the spammers are doing. Does that mean that 1/500 v1agra messages is really sekret US intelligence?

I'll be honest. (0, Funny)

Anonymous Coward | more than 6 years ago | (#19224999)

I don't think that I care about this.

Re:I'll be honest. (1, Funny)

Anonymous Coward | more than 6 years ago | (#19225027)

Keep me posted when you know for sure.

Tx.

Re:I'll be honest. (1, Funny)

Anonymous Coward | more than 6 years ago | (#19225645)

Let me know when he gets back to you!

Next step: FPGA cracking (3, Interesting)

Raul654 (453029) | more than 6 years ago | (#19225009)

For an embarrassingly parallel, strictly integer application like this, I think the logical next step is to attack it with FPGAs. For such an application, it wouldn't surprise me if a large Altera FPGA could give you at least the same computation power as a large cluster, for a fraction of the price (both for the hardware and the electricity to power the thing).

Re:Next step: FPGA cracking (1)

jacekm (895699) | more than 6 years ago | (#19225255)

I think this is rather the type of problem that could be perfect for quantum computers.
Supposedly those can apply all possible combinations at the same time and the one that works will show up itself.

But the other interesting problem with all those math based cyphers is the assumption that they are difficult to break when known mathematical knowledge is used to assess their security. Germans were doing exactly the same with their Enigma machines during WWII. According to the mathematical knowledge available to German scientists during the war, Enigma was unbreakable within the reasonable time.

JAM

Re:Next step: FPGA cracking (4, Funny)

2short (466733) | more than 6 years ago | (#19225653)

Quantum computers have that one nagging flaw: they don't actually exist.

Embarrassingly parallel? (1)

Palmyst (1065142) | more than 6 years ago | (#19225289)

The sieving step of the algorithm is indeed embarrassingly parallel, but what about the linear algebra step? I am pretty sure that part is not FPGA-able, yet.

Re:Embarrassingly parallel? (0)

Anonymous Coward | more than 6 years ago | (#19225455)

Given enough gates, any mathematical function can be implemented.

Security (2, Insightful)

morgan_greywolf (835522) | more than 6 years ago | (#19225021)

"Security is about risk management. If you have something to protect that's valuable enough for someone to steal, and the only protection you have on it is 1,024-bit crypto, you deserve to have it stolen." -- Forgot who said it, but it was on /.

Security, time, relevant, pick any two. (1, Insightful)

Anonymous Coward | more than 6 years ago | (#19225245)

You left out the time factor. How long do you need for whatever to remain secret? At the end even if cracked it may no longer be relevant to whomever's doing the cracking.

They better hurry and copyright that number (2, Funny)

vortoxin (213064) | more than 6 years ago | (#19225031)

I can see the RIAA filing the lawsuit on a DMCA violation now....."That's our prime number/integer"

Still would take a while... (1)

NightWulf (672561) | more than 6 years ago | (#19225043)

I understand that they'll be able to crack 1024, but still, 3 years to see my e-mails. It's not worth it for them. Now when they got it down to 3 hours I'll be worried, but by then we'll probably be using 4096.

Three years isn't a whole lot. (5, Insightful)

Kadin2048 (468275) | more than 6 years ago | (#19225191)

I understand that they'll be able to crack 1024, but still, 3 years to see my e-mails. It's not worth it for them. Now when they got it down to 3 hours I'll be worried, but by then we'll probably be using 4096.

True, but what you need to think about is forward secrecy.

There are lots of things being transmitted today that are still going to be in use three years from now. For example, think of financial information: if you use an encryption standard that's acceptable right now, but can be broken in three years (or, is trivially breakable in three years due to increases in computer power or techniques), then you're in trouble, because some of that information is still going to be sensitive/valuable in three years. The fact that you'll be using 4096 bits then doesn't matter, if someone grabs it now and crunches on it for a while. Same with identification numbers (SSNs, etc); if I grab a batch of numbers today, most of them will probably still be good in ten or fifteen years, and some of them will still be good in 30 or 40. That's how far out you need to be thinking when choosing an encryption standard for that data.

There are some things where only immediate security matters (transmitting big session keys that get thrown away a few hours or minutes later), but many other things -- and I think general file encryption falls into this category -- where it's hard to predict for how long the encrypted information might be sensitive or valuable.

Re:Still would take a while... (1)

rabblerabble (884373) | more than 6 years ago | (#19225293)

OTOH, who really wants to read my wife's Honey-Do list? Or, the hundreds of FW:FW:FW This is sooo funny emails I get everyday.

Re:Still would take a while... (1)

rworne (538610) | more than 6 years ago | (#19225405)

Actually, one should be worried when the length of time it takes to crack it falls within a time span that is less than the statute of limitations.

Why Does Encryption Need to "Scramble" Information (1, Interesting)

TheLazySci-FiAuthor (1089561) | more than 6 years ago | (#19225053)

Rather than just digesting using some key, It seems to me that you could set up two 'encryption' agents which talk to each other and form a random proprietary "language" that only each other can understand. This would be very much like a one time pad [wikipedia.org] - which is basically the only truly unbreakable encryption:

Code Talkers.

The Navajo language basically served as a one time pad in WWII - why not use programs which generate their own method of communication (their own "language") for use in transmitting information.

You simply could not crack it unless you already knew the information being sent.

Re:Why Does Encryption Need to "Scramble" Informat (1)

oni (41625) | more than 6 years ago | (#19225187)

uh huh. Right. Let's see you write a paper and an example implementation of that. Good luck.

Re:Why Does Encryption Need to "Scramble" Informat (1)

BosstonesOwn (794949) | more than 6 years ago | (#19225481)

It would reference Klingon (sp?) language and quickly be filed in the circular file.

Re:Why Does Encryption Need to "Scramble" Informat (4, Informative)

AKAImBatman (238306) | more than 6 years ago | (#19225207)

Rather than just digesting using some key, It seems to me that you could set up two 'encryption' agents which talk to each other and form a random proprietary "language" that only each other can understand.

You mean, like generating an analogous OTP out of a pseudo-random number generator? Not only has that been done before [wikipedia.org], but you're still left with a key: The seed which produced the pseudo-random sequence.

The Navajo code-talkers worked because the encoding was extremely obscure (security through obscurity at its finest!) and cryptography was still in its infancy. I sincerely doubt that the Navajo codes would stand up to a modern cryptographic analysis.

http://en.wikipedia.org/wiki/Navajo_Code_Talkers [wikipedia.org]

Re:Why Does Encryption Need to "Scramble" Informat (1)

UbuntuDupe (970646) | more than 6 years ago | (#19225485)

Is it really that easy now to learn an undocumented language, just from verbal radio transmissions and knowledge of related war events?

Incidentally, I suspect security through obscurity can serve a purpose in encryption. As I understand it, with public key encryption, it may be computationally intensive, but at least it can be automated and the problem is well-defined. If the eavesdropper had to first figure out, from the set of all possible encryption methods, which encryption method you were using, it may force her to apply human labor to finding the solution, which may be the scarcer resource.

Re:Why Does Encryption Need to "Scramble" Informat (1)

goddidit (988396) | more than 6 years ago | (#19225745)

Is it really that easy now to learn an undocumented language, just from verbal radio transmissions and knowledge of related war events?
Given enough time, it is.

Incidentally, I suspect security through obscurity can serve a purpose in encryption. As I understand it, with public key encryption, it may be computationally intensive, but at least it can be automated and the problem is well-defined. If the eavesdropper had to first figure out, from the set of all possible encryption methods, which encryption method you were using, it may force her to apply human labor to finding the solution, which may be the scarcer resource.
You must also exchange the rules of the language secretly if you want to maintain the security.
Also the assumption that we would need a human to figure out the language isn't necessarily true.

Re:Why Does Encryption Need to "Scramble" Informat (1)

CastrTroy (595695) | more than 6 years ago | (#19225351)

Isn't this the way some cryptography systems work? Using Diffie-Hellman key exchange to decide a secret key. Assuming nobody knows the key is what makes it secure. Just like in WWII, they assumed the enemy didn't understand Navajo. I'm not sure what kind of computing would be necessary for the computers to agree on a decryption/encryption language. They'd probably have a set list of ciphers that they both supported. I don't think there's any way to create strong ciphers on the fly. Another problem is how to transfer the cipher language to the other machine without anybody being able to intercept it. I guess the best solution would be to use Diffie-Hellman key exchange to generate a key that's the same length as the message, and use that to encrypt the message. You would effectively create a one time pad. However, I think that something of this nature is currently too resource intensive for any reasonable size of message.

Re:Why Does Encryption Need to "Scramble" Informat (1)

The Real Nem (793299) | more than 6 years ago | (#19225431)

You simply could not crack it unless you already knew the information being sent.

Perfectly secure methods (one time pad) are perfectly secure because even if you have the cryptotext and the plaintext, the probability that the cryptotext is the plaintext is the same for all plaintexts if you don't know the key (e.g. if you knew the cryptotext is one of two plaintexts, the probability that it was one or the other is 0.5 regardless of what you know about the algorithm).

The Navajo language is an example of security through obscurity [wikipedia.org], it's not comparable to one time pad. The Navajo language is susceptible to many attacks, e.g. frequency analysis. [wikipedia.org]

Re:Why Does Encryption Need to "Scramble" Informat (0)

Anonymous Coward | more than 6 years ago | (#19225497)

"The Navajo language basically served as a one time pad in WWII..."

Ummm, no. A one-time pad is used, well, once. Code talkers (Navajo and others) worked because of the obscurity of the "code."

Re:Why Does Encryption Need to "Scramble" Informat (1)

Aoreias (721149) | more than 6 years ago | (#19225505)

What you're describing is basically a home grown encryption algorithm. Reverse engineering an encryption algorithm is (relatively) trivial if you have access to one of the programs generating the 'language'. Now, given that most encryption algorithms developed by expert cryptographers prove to have chips and sometimes holes in them, what odds do you think a non-cryptographer has of making even a half-decent algorithm?

Re:Why Does Encryption Need to "Scramble" Informat (1)

jshriverWVU (810740) | more than 6 years ago | (#19225549)

If I understand correctly this would be security via obscurity. All you'd have to do is learn the language and emulate it.

Re:Why Does Encryption Need to "Scramble" Informat (5, Interesting)

wfberg (24378) | more than 6 years ago | (#19225791)

The Navajo language basically served as a one time pad in WWII

No, they served as code-talkers. A one-time pad is a system whereby every bit of the encryption key is independent of the others (never reused, unlike codewords) and entropy is maximal. Simply translating stuff from one word to another is simple substitution, a simple code.

The reason Navajo Code Talkers were successful wasn't because the scheme was particularly advanced. In fact, it would have been computationally trivial to break. However the messages relayed were only ever "tactical" in nature; i.e. communications in the field, of use during a fight, but old news in about 10 minutes. Had Navajo code talking been used to relay top-secret messages, it would have been broken fairly quickly. The reason for its success was that it was extremely cheap to implement for the US, and the secrets protected weren't valuable enough to spend huge effort on breaking. Economics, rather than mathematics.

Navajo wasn't used in Europe, because Germany had sent anthropologists to the US to learn native languages, anticipating precisely this scheme.

No shit? (0)

Anonymous Coward | more than 6 years ago | (#19225055)

> The lead researcher believes "the writing is on the wall" for 1024-bit encryption.

All we have to do now is wait for the 3 clusters worth of computing power to hit mid range servers and 1024 bit crypto is useless.

The writing was always on the wall, we've been using 2048 bit crypto for PGP for years now.

An NSA spokesperson disagrees (4, Funny)

Anonymous Coward | more than 6 years ago | (#19225075)

NSA research indicates that 1024-bit encryption is unbreakable and everyone should be using it.

Re:An NSA spokesperson disagrees (1)

Vandilizer (201798) | more than 6 years ago | (#19225285)

Close but I believe the exact words of the NSA researcher were:

1-bit encryption is unbreakable and everyone should be using it, meanwhile for enhanced security the government will be moving to 2^1024-bit encryption.

(This is Big Brother we are talking about)

this too (4, Funny)

Himring (646324) | more than 6 years ago | (#19225077)

Knowing this, too, will not help you pick up chicks in a bar....

Re:this too (3, Funny)

IthnkImParanoid (410494) | more than 6 years ago | (#19225197)

So if you integrate this into your lines it could be a factor in your chance to multiply?

Why yes, I am a big hit at parties.

The real sticky point... (3, Interesting)

JohnA (131062) | more than 6 years ago | (#19225119)

...is that most Certificate Authorities who have trusted certs in the major browsers / e-mail programs will NOT sign a certificate for any keysize greater than 1024 bits.

This artificial limitation is going to become more and more glaringly obvious as time goes on.

Re:The real sticky point... (3, Interesting)

Kadin2048 (468275) | more than 6 years ago | (#19225589)

I hate to be the guy who pulls out the tinfoil, but why not.

A few weeks ago I was reading Steven Levy's Crypto (not a bad book, although a little out-of-date now, but it brings back the dot-com nostalgia), in which he spends a lot of time describing the NSA's objections to strong civilian crypto in the U.S. in the 80s and early 90s. They went from absolutely opposing civilian crypto (particularly public-key stuff) tooth and nail, to suddenly just throwing in the towel. While I'm sure that much of that was just political pragmatism -- with the Cold War over, they were having a harder and harder time maintaining their objections in the face of 'progress' (in the form of a lot of pressure on Congress from business and the tech sector) -- but I can't help but wonder if they didn't figure something out that made them withdraw their objections to bigger key sizes.

Particularly since it's now known that some people on the government side knew about public-key crypto before it became public (the early-70s GCHQ paper, and I find it hard to believe that at its peak during the Cold War, someone at the NSA didn't find the same thing), they've had a long time to work on the problem -- though it's possible that they just totally squandered whatever lead they had, and are now at the same point that the unclassified world is, that just seems unlikely to me.

-1 author stupidity (4, Informative)

tomstdenis (446163) | more than 6 years ago | (#19225129)

SNFS != GNFS. Factoring specific 1024-bit numbers of that form isn't always super hard.

That they pulled off a SNFS on a 1024 bit number is cool, but not the same amount of work for a GNFS against an 1024-bit RSA key.

Tom

The point is addressed in the article. (1)

Palmyst (1065142) | more than 6 years ago | (#19225209)

"Last time, it took nine years for us to generalize from a special to a non-special hard-to factor number (155 digits). I won't make predictions, but let's just say it might be a good idea to stay tuned."

The main problem with encryption (0)

Anonymous Coward | more than 6 years ago | (#19225163)

is that 90 - 95% of people don't seem to use it. You can move to a new apartment building (or house) and chances are you can get free Internet right away off of some soccer mom who didn't enable any encryption. (Yes I know routers don't use 1024). They need to enable encryption by default and randomly generate each router with a default password (random numbers and letters and print it in their manual)

Re:The main problem with encryption (1)

soft_guy (534437) | more than 6 years ago | (#19225553)

And then no one would buy your WiFi router because it was "too hard to use".

on the wall, eh? (3, Insightful)

Lord Ender (156273) | more than 6 years ago | (#19225167)

Considering RSA Inc. sells X.509 token/smart card devices which support ONLY 1024-bit keys, I don't think it's going anywhere for a while.

RSA uses primes. (1)

jd (1658) | more than 6 years ago | (#19225253)

But what about the other forms of public key encryption? Wikipedia also lists Diffie-Hellman, ElGamal, Elliptic Curve and others.

Re:RSA uses primes. (1)

Palmyst (1065142) | more than 6 years ago | (#19225665)

Those other algorithms have not been in use as widely or as long as RSA has been, (DH is a protocol, not an algorithm). So they have not been analyzed as extensively as RSA. The fact that more work has gone into factoring does not necessarily mean that the other public key algorithms are more secure.

"the writing is on the wall" for 1024-bit (2, Interesting)

blantonl (784786) | more than 6 years ago | (#19225269)

What exactly do they mean by the "the writing is on the wall" for 1024-bit encryption? Does the 307 digit long set of prime factors have some bearing on the ability to break encryption, or is it just a reference to the amount of sheer computing power out in the industry today?

I'm having a hard time making the correlation.

Re:"the writing is on the wall" for 1024-bit (5, Informative)

Palmyst (1065142) | more than 6 years ago | (#19225441)

Yes, The RSA Algorithm for public key encryption [wikipedia.org] is based on the difficulty of factoring very large numbers. The key size is the number of bits in the number that has to be factored to break the encryption. Many of the modern security systems, including Verisign certificates for secure websites are based on RSA encryption and 1024 is a very common key size in use. Thus the ease of factoring 1024 bit numbers would indeed be a matter of concern.

RSA 101.

Re:"the writing is on the wall" for 1024-bit (1)

Profane MuthaFucka (574406) | more than 6 years ago | (#19225657)

It means that it takes 11 months to break a 1024 bit key now. 5.5 months next year, 2.25 months the year after that, 1.12 months the year after that, 2 weeks the year after that, 1 week the year after that, 3.5 days the year after that, and less than a day a couple years after that.

If you've got something really secret that you need to keep secret for a couple years, 1024 bit keys are inadequate right NOW. You need more bits to protect your secret.

Re:"the writing is on the wall" for 1024-bit (0)

Anonymous Coward | more than 6 years ago | (#19225751)

It's not a 307 digit number, you insensitive clod! It's 1039 digits long!

Yeah, I know it's unfunny >_>

Especially given the etymology of digit <_<

But let's nevermind that. I, for one, welcome our calculating overlords!

That's nothing! (2, Funny)

iamacat (583406) | more than 6 years ago | (#19225273)

I just factored 2^2048 in a few milliseconds on a single computer. Your bank account balance was just donated to support world peace. RSA is doomed? Oh, wait? Are you saying RSA is based on numbers which are products of two large primes, not just some numbers with lots of small factors? Bummer!

ummm.... (1, Offtopic)

Ace905 (163071) | more than 6 years ago | (#19225279)

Ok, I know this is an overplayed argument - the 'humanity' card. Like when NASA announces they've found a way to get 3 men to the moon for just under 8 billion dollars - and people say, "Umm, couldn't we use 8 billion dollars in Florida for our worst-in-the-country school system?"

Obviously, that's a long and involved argument. But in this case - factoring a very large prime number - just by using methods we *knew* would work - but had never dedicated the resources to - what kind of real progress is that? We haven't really learned anything - have we?

Wouldn't that computing time have been way way more valuable to any of the 'potentially useful' distributed computing projects floating around out there? This sounds like a monumental waste of science's new most-precious resource - CPU time.

---
monumental waste! [douginadress.com]

Re:ummm.... (0)

Anonymous Coward | more than 6 years ago | (#19225543)

Are you the new 'get some priorities' troll? If so, you should really donate your liver to a liverless child, rather than destroying it by drinking sterno. Thanks.

How funny (1)

Schnoogs (1087081) | more than 6 years ago | (#19225327)

Just the other day I was reading up on the RSA challenge and was disappointed to read that it had been cancelled. I was reading up on it because at work we were researching various algorithms for factoring large numbers. Good to know the absence of a cash incentive hasn't slowed down progress in this field. ;) This seems like cool work to me and maybe an app like this would be a great addition to Folding at Home for the PS3!

How about no encryption? (-1)

Anonymous Coward | more than 6 years ago | (#19225377)

Encryption is an artifact of a society that believes privacy and property are important. As our technology improves, this is becoming more and more unrealistic.

Think hard about this. How can we have privacy in the digital age? People can see what you are doing behind closed doors using commercially available technology. And they can hear what you are saying. How can we expect to have privacy?

We already have these counter-privacy protections where in order to "protect" our privacy, we have to sign away our privacy. For example, go to a doctor in the U.S. They give you a HIPAA form to sign, saying that they want to protect your privacy, so they won't share your medical information with others unless you sign this form saying they can do whatever the hell they want with your records. Oh, and if you don't sign it, you can die for all they care, 'cause they won't treat you. How does that protect our privacy?

Once the last shreds of our privacy go away (and it really is just a matter of time), then property is next.

You may not like the idea of having no privacy, but you will get used to it. The big upside is that without privacy, there is no crime.

And as we get rid of these artifacts of non-digital societies, we will also get rid of monarchs, rulers, leaders, etc. with the open source government [wikipedia.org] .

Re:How about no encryption? (3, Insightful)

fishbowl (7759) | more than 6 years ago | (#19225687)

>Think hard about this. How can we have privacy in the digital age?

By and large, "we" don't even use *mild* crypto, even in places where we really should be using *hard* crypto.

Do we actually *want* privacy? Seems not.

Two ways to FUD (0, Offtopic)

140Mandak262Jamuna (970587) | more than 6 years ago | (#19225409)

bool microsoft_fud_manager::HandleNews(){
        if( GetPlatform(clusters) == "Linux" ){
              return IssuePressRelease("Linux is a hackers tool breaking encryption");
        }else if( GetPlatform(clusters) == "Windows"){
              return IssuePressRelease("Windows Rules! We solve big problems");
        } //throw "unexpected condition"; //throw disabled by bg.
        return IssueGeneralFud();
}

Some details of the computation size. (3, Informative)

Palmyst (1065142) | more than 6 years ago | (#19225525)

From http://www.ddj.com/blog/portal/archives/2007/05/world_record_fo.html [ddj.com]:

Using the sieve program developed at the University of Bonn, NTT, EPFL, and the University of Bonn respectively provided 84.1 percent, 8.3 percent, and 7.6 percent of the calculation resources, and the calculation amount equivalent to 95 years of operation on a 3-Ghz Pentium D. PC clusters at NTT and EPFL, consisting of 110 and 36 PCs, respectively, were run in parallel for more than two months for the calculations. The results were 47 non-trivial solutions of the simultaneous equations defined by an approximate 70,000,000 x 70,000,000 large sparse linear matrix.

Long distance before 1024 bits (1)

SiliconEntity (448450) | more than 6 years ago | (#19225559)

The largest RSA number so far factored is only 663 bits. 512 bits in 1999, 576 bits in 2003, 663 bits in 2005. Call it 100 bits improvement in 2 years. At this rate we should be due for a 700 and some bit number this year, with 1024 bits 5-10 years away.

The RSA Factoring Challenge [wikipedia.org] has been suspended, i.e. they are no longer giving out prize money, but the numbers still stand as a good reference for where we are in comparison to 1024. There's a lot of mileage between here and there.

Quadruple AES? (2, Interesting)

W2k (540424) | more than 6 years ago | (#19225561)

I'm hoping there are some crypto geeks in the audience who can answer this. I know that back in the days when DES (with 56-bit keys) was the best there was, some genius invented TDES, which was simply three passes of DES, for a total key length of 168 bits. However, running DES thrice does not triple the "security" (resistance to brute-force cracking) of the cipher, rather the 168 bit key provides security equal to that of a 112 bit key due to some mathematical technicality that I've forgotten.

Now for my actual question. There isn't a symmetric crypto algorithm that I know of that can use 1024 bit keys (except for stream ciphers, maybe RC4?); the best block cipher is AES (Rijndael) which supports 256 bit keys. If one would "invent" QAES, i.e. quadruple QAES, for a total key length of 1024 bits, what would the "effective" key length be?
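Added example (not part of the comment above): the "technicality" behind the 112-bit figure for TDES is the meet-in-the-middle attack, shown here in Python against double encryption with a toy 16-bit cipher. The cipher, the 10-bit stage keys, the sample blocks and all names are constructed for illustration; `mitm_effective_bits` gives only the generic meet-in-the-middle time bound for a cascade with independent keys.

```python
KEY_BITS = 10                 # toy key size per stage (assumption, for speed)
MASK = 0xFFFF                 # 16-bit toy block
MUL = 0x9E35                  # odd, so multiplication mod 2^16 is invertible
INV = pow(MUL, -1, 1 << 16)

def rotl(x, r):
    return ((x << r) | (x >> (16 - r))) & MASK

def encrypt(key, block):
    """Toy keyed permutation on 16-bit blocks (not a real cipher)."""
    x = block
    for rnd in range(4):
        x ^= (key + rnd) & MASK
        x = rotl((x * MUL) & MASK, 5)
    return x

def decrypt(key, block):
    x = block
    for rnd in reversed(range(4)):
        x = (rotl(x, 11) * INV) & MASK       # undo rotate, then multiply
        x ^= (key + rnd) & MASK
    return x

def double_encrypt(k1, k2, block):
    return encrypt(k2, encrypt(k1, block))

def meet_in_the_middle(pairs):
    """Return ((k1, k2) candidates, cipher operations spent on the first pair)."""
    (p0, c0), rest = pairs[0], pairs[1:]
    middle = {}
    for k1 in range(1 << KEY_BITS):          # 2^k encryptions, stored
        middle.setdefault(encrypt(k1, p0), []).append(k1)
    found, work = [], 1 << KEY_BITS
    for k2 in range(1 << KEY_BITS):          # 2^k decryptions, looked up
        work += 1
        for k1 in middle.get(decrypt(k2, c0), []):
            if all(double_encrypt(k1, k2, p) == c for p, c in rest):
                found.append((k1, k2))
    return found, work

def mitm_effective_bits(stages, key_bits):
    """Generic meet-in-the-middle time cost, in bits, for a cascade."""
    return -(-stages // 2) * key_bits        # ceil(stages / 2) * key_bits

# Constructed sample: secret stage keys and three known plaintext blocks.
K1, K2 = 0x2A7, 0x13C
PAIRS = [(p, double_encrypt(K1, K2, p)) for p in (0x0001, 0xBEEF, 0x1234)]
```

Here the 20-bit double key is recovered with 2 x 2^10 cipher operations instead of 2^20. The same bound gives 112 bits for three 56-bit DES stages and 512 bits for four 256-bit stages, with a table of about 2^(floor(stages/2) x key_bits) entries.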

in related news (2, Funny)

circletimessquare (444983) | more than 6 years ago | (#19225605)

any security measure built by a man can also be broken by a man

there is absolutely no such thing as 100% security

and there never will be

for most of us, 99.9999999999999999999999% security will do

for the rest, sweaty heart palpitations and paranoid schizophrenia will do

and... (0)

Anonymous Coward | more than 6 years ago | (#19225681)

not to be trite, but in the end, all that matters is love

wha? (0)

Anonymous Coward | more than 6 years ago | (#19225689)

Your tax dollars at work...