On Thu, 16 Mar 1995, That Whispering Wolf... wrote: > > > Correct me if I am wrong - RC2 and RC4 are not public key cyrptosystems, > > > and hence are not "prone" to the problems with low moduli. > > > > You are wrong. > > > > If the key is only 128-bit, that's a much smaller keyspace to > > brute-force attack than a 1024-bit key. > > > > (do the math) > > You add a qualifier here -- "brute force attack" -- that makes your statement > technichally correct, but misleading. > > You generally see keyspaces of 1024 bits (etc) in public key cryptosystems > (RSA/PGP). You see 128-bit keysizes on traditional cryptosystems, like RC2, > RC4, IDEA (the -real- encryption in PGP), etc. > > The problem here is that the best way to break a public-key cryptosystem > is _not_ by brute force. RSA gets it's strength from the fact that it's very > hard to factor a large number (1024 bits, for example) made up of two > multiplied large primes, into it's individual primes. To break RSA, you > 'simply' have to factor the key, which is orders of magnitude faster than > a brute force attack on the system. > > Large key sizes are required for public-key cryptosystems, because HUGE > advances are being made in number factoring. 1024-bit keys are still out > of reach, but for how long? > > In the case of RC2 and RC4, the best (known -- Important word here) attack > is a brute force attack on the key -- something that is, for the moment, > prohibative. Giveen huge advances in current technology, it'd still > take YEARS to crack -one- key. > RC2 and RC4 are both public key systems -- then why wouldn't factoring the key prove equally as (greatly more) effective as with attacks on RSA/PGP. __pardon_my_misunderstanding__but__? > Anyhow, bottom line is that saying "RSA with a 1024 bit key is more secure > than RC4 with a 128 bit key" is a bit silly -- You're comparing apples to > oranges. Nobody's going to brute-force attack RSA, since there are much better > ways to crack the system. > > -WW > Erik ____ _____ _______ __ Erik Lindquist / _ | / ___/ / _____/ / / Systems Administrator / /_| | / /__ / / / / AECL Whiteshell Laboratories / __ | / ___/ / / / / VOICE: (204) 753-2311x3145 / / | | / /____ / /_____ / /_____ FAX: (204) 753-2455 /_/ |_| /______/ /_______/ /________/ E-mail: lindquie@wu1.wl.aecl.ca