From: pmetzger@shearson.com (Perry E. Metzger)
Date: Tue, 26 Jan 93 11:25:54 PST
To: jthomas@kolanut.mitre.org
Subject: Re: Computerized OTP (was 5th AMENDMENT & DECRYPTION)
Message-ID: <9301261853.AA21329@maggie.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: thug@phantom.com (Murdering Thug)
> Since none of us have ever been inside the NSA, we cannot  
> underestimate
> their power and resources.  For all we know they may have 500 Intel  
> Delta
> supercomputers linked together, each having 65,536 i860-XP/50mhz  
> chips.
> We really don't know what kind of iron they possess.  Thus we can't  
> assume
> that they can't factor extremely large numbers easily.

Mr. Thug doesn't seem to understand the issue here.

Your fear should be that the NSA knows something about number theory we don't,
not that they possess a huge number of supercomputers. Consider that
we believe the factoring problem to be exponential in the number of digits.
That means that doubling the number of digits doesn't double the size of
the problem -- it makes it far, far, far worse. Indeed, I suspect that it could
be shown that using a key of only a few thousand digits, barring a change
in factoring algorithm there would be no way to factor the number in the
lifetime of the universe even were all the matter and energy in the universe
given over to the factoring problem. There are problems that are known to
be that size, by the way -- such as trying to do a complete search on the
game tree for chess.

So, if you are worried that the NSA might have 10,000 times the resources
you suspected, you can just add a few more digits on to your key and defeat
that possibility.

Myself, I always use a key thats as long as possible to be safe, but I think
that paranoia about their HARDWARE is wholely misplaced. The thing to
be paranoid about is that they know something about factoring algorithms that
we do not.

Perry