Re: 64bit or 1024bit - will it make a difference?

Karl J. Runge (runge@crl.com)
Sun, 11 May 1997 20:10:53 -0700


> From: Rick Hornsby <madhatter+@osu.edu>
> Subject: 64bit or 1024bit - will it make a difference?

On Sun, 11 May 1997, Rick Hornsby <madhatter+@osu.edu> wrote:
>
>
> I'm curious about something - and I will grant that I am not technically
> knoweldgable about the subject as I should be. If it takes us using spare
> cycles a few months to crack a 64 (56 really) bit by brute force, why in 10
> years couldn't the same exact thing be done to a 1024 bit key? We've all
> seen the amazing leaps and bounds by which processors (not to mention RAM,
> etc) have come in the last 5 or 6 years. Somehow I think there must be a
> better way than just making the key longer. Because as the keys get
> longer, the computers will get better. And even now, its possible to crack
> a 1024 bit code. Yeah, it'd take a heck of lot longer - but for
> $120,000,000 worth of equipment - it could probably be done in a decent
> amount of time.

Well, if you look at the ratio of number of keys to search:

2^1024 / 2^64 =

9745314011399999080353382387875188310876226857595007526867906457212948690766426102465615065882010259225304916231408668183459169865203094046577987296312653419531277699956473029870789655490053648352799593479218378873685597925394874945746363615468965612827738803104277547081828589991914110976

Which is way more than the number of particles in the universe.
(let alone number of dollars in the universe!)

So Brute force like we are doing won't work for 1024 bit "DES-like" keys.

But for cryptosystems like RSA were there is some mathematic structure
the algorithm is based on (i.e. products of large primes) who knows if
a method can be devised to crack it more easily than is currently known.
Indeed, it has long been speculated even the DES algorithm has enough
structure to provide a simpler means of attack (than brute force).

Karl