Re: 64bit or 1024bit - will it make a difference?

Justin Dolske (dolske@cis.ohio-state.edu)
Sun, 11 May 1997 23:19:58 -0400 (EDT)


On Sun, 11 May 1997, Rick Hornsby wrote:

>
>
> I'm curious about something - and I will grant that I am not technically
> knoweldgable about the subject as I should be. If it takes us using spare
> cycles a few months to crack a 64 (56 really) bit by brute force, why in 10
> years couldn't the same exact thing be done to a 1024 bit key?

Each additional bit doubles the time it takes to do a brute-force attack
on the keyspace. Adding on 968 bits to a 56 bit key does not make it 968
times harder to break, it makes it 2.48*10^291 times harder to break. I
don't even know how to express the scale on that number... If a 56bit key
took us 1 nanosecond to find, you're still takling about a grotesquely
large number of years to attack a 1024 bit key, like waaaaay over a
million years. It's generally accepted that anything around 120bits is
enough for even really paranoid people.

However, you're probably confusing cypher types here. Public key
encryption, like PGP, has properties that would make a brute-force attack
stupid. It's trivial to find factors of a number only a couple hundred
bits long. It's extremely difficult to find a factor of a number a
thousand or so bits long.

> And even now, its possible to crack
> a 1024 bit code. Yeah, it'd take a heck of lot longer - but for
> $120,000,000 worth of equipment - it could probably be done in a decent
> amount of time.

That's extremely unlikely, unless the algorithm has a serious flaw.

Justin Dolske <URL:http://www.cis.ohio-state.edu/~dolske/>
(dolske@cis.ohio-state.edu)
Graduate Fellow / Research Associate at The Ohio State University, CIS Dept.
-=-=-=-=-=-=-=-=-=-=-=-=-=- Random Sig-o-Matic (tm) -=-=-=-=-=-=-=-=-=-=-=-=-
In line with the government's efforts to cut spending, the light at the
end of the tunnel has been turned off.