Full Disclosure mailing list archives
Re: Time Expiry Alogorithm??
From: Anders Langworthy <hades () psilanthropy org>
Date: Fri, 19 Nov 2004 12:50:58 -0600
Pavel Kankovsky wrote:
If a certain deterministic computation (e.g. decryption) can be made intime T, then it can be made in any time T' > T.
This is true for breaking a cipher by brute force, but it doesn't account for (stop looking at me) somehow incorporating a timestamp into the encryption scheme to prevent 'legit' decryption after a certain time.
Note that what Gautam wants, namely a time-expiring cipher, cannot exist without some third party to provide validation and a timebase. This is what Kerberos does. Otherwise I can just set the clock back on my system and decrypt your damn message anyway.
On the other hand, the power of hardware as well as the knowledge of cryptanalysis oincreases as the time passes, ergo any cipher is going toexpire...in the sense someone will become able to break it and recover the plaintext without the (a priori) knowledge of the encryption key.
I'm going to disagree as politely as possible. As an example, using RSA with 1024 bit keys allows for around 10^150 possible primes. Compare this to the 10^70 some atoms in the known universe to see how disgustingly big that number is. Cracking this encryption scheme by searching the keyspace is laughable. Increase the keysize even a little bit from that and there are arguments that the universe doesn't even hold enough *energy* to allow for searching that kind of keyspace.
Now the other possibility: That somebody discovers a better way to factor primes (please don tinfoil hats before replying to tell me that the NSA has already done this, in Area 51, with help from Elvis). Mathematically, this is a very remote possibility, as factoring primes is probably an NP problem, and P is probably not NP. Neither of these has been proven, however.
Even allowing for the miniscule possibility that there is a shortcut to factoring primes, that doesn't necessarily mean that factoring huge primes will be an easy task. Using larger keys will still provide a measure of security.
//Anders The classic crypto primer: http://www.cyphernet.org/cyphernomicon/chapter2/2.5.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Time Expiry Alogorithm?? Gautam R. Singh (Nov 18)
- Re: Time Expiry Alogorithm?? Michael Simpson (Nov 19)
- Re: Time Expiry Alogorithm?? Andrew Farmer (Nov 20)
- Re: [Full-Dev-Server] Time Expiry Alogorithm?? Michael Simpson (Nov 19)
- Re: Time Expiry Alogorithm?? Pavel Kankovsky (Nov 19)
- Re: Time Expiry Alogorithm?? Anders Langworthy (Nov 19)
- Re: Time Expiry Alogorithm?? Andrew Farmer (Nov 20)
- Re: Time Expiry Alogorithm?? Anders Langworthy (Nov 20)
- Re: Time Expiry Alogorithm?? Anders Langworthy (Nov 20)
- Re: Time Expiry Alogorithm?? Pavel Kankovsky (Nov 21)
- RE: Time Expiry Alogorithm?? Tiago Halm (Nov 21)
- Re: Time Expiry Alogorithm?? Andrew Farmer (Nov 21)
- Re: Time Expiry Alogorithm?? Anders Langworthy (Nov 19)
- Re: Time Expiry Alogorithm?? Georgi Guninski (Nov 22)
- Re: Time Expiry Alogorithm?? Florian Weimer (Nov 22)
- Re: Time Expiry Alogorithm?? Andrew Farmer (Nov 23)
- Re: Time Expiry Alogorithm?? Florian Weimer (Nov 23)
- Re: Time Expiry Alogorithm?? Michael Simpson (Nov 19)