cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1996-01-03 - Re: 2047 bit keys in PGP

Header Data

From: Sten Drescher <stend@cris.com>
To: Laszlo Vecsey <master@internexus.net>
Message Hash: 3364da9b81d9d4d257b996b9a3dd90a968de63ba15a926d592ca9bda3ff80b43
Message ID: <55zqc557z8.fsf@galil.austnsc.tandem.com>
Reply To: <Pine.LNX.3.91.960103133137.3229F-100000@micro.internexus.net>
UTC Datetime: 1996-01-03 22:45:07 UTC
Raw Date: Thu, 4 Jan 1996 06:45:07 +0800

Raw message

From: Sten Drescher <stend@cris.com>
Date: Thu, 4 Jan 1996 06:45:07 +0800
To: Laszlo Vecsey <master@internexus.net>
Subject: Re: 2047 bit keys in PGP
In-Reply-To: <Pine.LNX.3.91.960103133137.3229F-100000@micro.internexus.net>
Message-ID: <55zqc557z8.fsf@galil.austnsc.tandem.com>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="Boundary..3937.1071713532.multipart/signed"

--Boundary..3937.1071713532.multipart/signed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit


(sorry if this is a duplicate)

Laszlo Vecsey <master@internexus.net> said:

LV> Are you sure it's a bug in the DOS version? When I did a pgp -kg in
LV> my UNIX shell (US version 2.6.2) I also entered 2048 bits and it too
LV> created a 2047 bit key instead.

	I had heard elsewhere that there was such a bug.  My mistake,
then.

LV> Why is there a limit to the size of the key anyway? It's too bad PGP
LV> doesn't support any size key (within reason).

	As I understand it (which, given my previous error, is in
serious doubt), after a point the IDEA session keys become far easier to
use a brute force attack on than the RSA keypair.  Since I think that
increasing the RSA keysize is supposed to double the attack time, if a
RSA key size of N takes as much time to break as 1 IDEA key, making the
RSA key N+8 bits makes it better to break the IDEA keys of 200 messages
rather than the RSA key.

	Does anyone know if there are comparisons of estimates of the
time to break the IDEA session keys used in PGP vs time to break RSA
keys of various sizes?

-- 
#include <disclaimer.h>				/* Sten Drescher */
To get my PGP public key, send me email with your public key and
	Subject: PGP key exchange
Key fingerprint =  90 5F 1D FD A6 7C 84 5E  A9 D3 90 16 B2 44 C4 F3
Junk email is NOT appreciated.  If I want to buy something, I'll find
you.


--Boundary..3937.1071713532.multipart/signed
Content-Type: application/octet-stream; name="pgp00001.pgp"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="pgp00001.pgp"
Content-Description: "PGP signature"

LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tClZlcnNpb246IDIuNi4yCgpp
UUNWQXdVQk1PcnBZbHZCZ1JjZGtHd0ZBUUgvb0FRQXNyeTdPdjYyRzkzR1pC
UEU3Z3huSUw3VjBZeUxwbzFaCm5mTldobGlIelUyUzh5UTA0U0NaVjJ0dFFt
QjlWY0RROGFHOWVzMEZLeTVZQ2plTUZxdnE2Q2Z1OVQrV0ZFMDQKT1RQR2dI
dlVEdElZem9vU3NscjVsV1NhK0tsSU1GbHV4VWY2Zkk3TG9leThrdm1NY1RQ
elRjTDdzTU5LRTRMSQpzSi9tdEpxUUFmbz0KPTF2WkUKLS0tLS1FTkQgUEdQ
IE1FU1NBR0UtLS0tLQo=
--Boundary..3937.1071713532.multipart/signed--

Thread