1996-03-07 - Re: Signature 2

Header Data

From: Derek Atkins <warlord@MIT.EDU>
To: “Charles Choi (SAR)” <choi@virtu.sar.usf.edu>
Message Hash: 5d309697cba0c88861d43d25c5ff228471c22096fb49c992558343953abf0ce9
Message ID: <199603060218.VAA08242@in-touch.mit.edu>
Reply To: <Pine.SUN.3.91.960305202130.11469B-100000@virtu>
UTC Datetime: 1996-03-07 08:06:43 UTC
Raw Date: Thu, 7 Mar 1996 16:06:43 +0800

Raw message

From: Derek Atkins <warlord@MIT.EDU>
Date: Thu, 7 Mar 1996 16:06:43 +0800
To: "Charles Choi (SAR)" <choi@virtu.sar.usf.edu>
Subject: Re: Signature 2
In-Reply-To: <Pine.SUN.3.91.960305202130.11469B-100000@virtu>
Message-ID: <199603060218.VAA08242@in-touch.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hi,

> Assumption 1 : a privacy key can become uncrackable.
> Assumption 2 : an individual signature can become immune to fraud.
> Posit : fuse the two together so that pseudonyms/aliases/online names ensure 
> 		complete privacy, but ensure that you talk to the same person
> 		every time.  
> Probably proposed already.

Unfortunately both of your assumptions are wrong.  A key cannot be
100% uncrackable, and a signature cannot be 100% immune to fraud.
With electronic security, there is always a chance that a key can be
cracked or a signature forged.  The question is how hard is it to
crack the key or forge the signature?  You need to balance the
security with the price.

For example, a 1024-bit RSA key cannot be cracked, today, in a
reasonable amount of time.  However it is unclear how long that will
last.  Look at RSA-129; in 1977 Ron Rivest said it would take 40
quadrillion years to break the key.  In 1993-4 it took 8 months (5000
MIPS-years).

A key has a limited size, therefore it is theoretically possible to
try every single key (this is called brute-force).  Therefore it is
impossible to have 100% uncrackable keys.  Signatures have the same
problem.

Enjoy!

-derek




