On Wed, 15 Mar 1995, Mark G. Scheuern wrote: > On Wed, 15 Mar 1995, Jonathan Cooper wrote: > > > Date: Wed, 15 Mar 1995 20:35:44 -0500 (EST) > > From: Jonathan Cooper <entropy@IntNet.net> > > To: Vishy Gopalakrishnan <vishy@sph.umich.edu> > > Cc: bugtraq@fc.net > > Subject: Non-PK encryption not vulnerable via low key length?! > > You are wrong. > > > > If the key is only 128-bit, that's a much smaller keyspace to > > brute-force attack than a 1024-bit key. > > > > (do the math) > > > > -jon > > Okay, let's see. 2^128 = 3.4e38. Suppose you can somehow try one > billion keys per second. Then it will take you 3.4e29 seconds or > about 1e22 years to try every possible key. A shorter length of > time than it would take with a 1024 bit key, but I don't think I'd > lose much sleep over it. > > Mark > There must be ways of forcing convergence. Brute force is tacky. Erik ____ _____ _______ __ Erik Lindquist / _ | / ___/ / _____/ / / Systems Administrator / /_| | / /__ / / / / AECL Whiteshell Laboratories / __ | / ___/ / / / / VOICE: (204) 753-2311x3145 / / | | / /____ / /_____ / /_____ FAX: (204) 753-2455 /_/ |_| /______/ /_______/ /________/ E-mail: lindquie@wu1.wl.aecl.ca