From: Karl Lui Barrus <klbarrus@owlnet.rice.edu>
Date: Fri, 21 Jan 94 12:18:11 PST
To: cypherpunks@toad.com
Subject: RE: RSA is weak link
Message-ID: <9401212005.AA10945@stygian.owlnet.rice.edu>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>    ...the IDEA encryption algorithm used in PGP is actually
>    MUCH stronger than RSA given the same key length.  Even with a 1024 bit
>    RSA key, it is believed that IDEA encryption is still stronger, and,
>    since a chain is no stronger than it's weakest link, it is believed that
>    RSA is actually the weakest part of the RSA - IDEA approach.
>Confirmation?

True; it is more expensive to do a brute force search over the IDEA
keyspace than it is to factor a 1024 bit number using the best known
factoring algorithm :)

I did some calculations once and I think the crossover point is
between 1500 and 1600 bits, at which point factoring becomes more
difficult than searching.



-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLUA1OoOA7OpLWtYzAQGjwwQAwhDqTc6TKZqEjfO1xbC1llasfVfOL3wM
72ofDeWtw7vtdxFb98iLShomdwr12G6I+7qbHwzKyLM5+r/T/DzNRAW2e+MD894Y
DNAZazRz2YLuiGpr0LBSC1S6EyFbtcuwoPh1U5LORyUrEo4YCJsYYoFfcnN+Vb8B
ddv28VkktBs=
=irY2
-----END PGP SIGNATURE-----