Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] Places to find crypto craking tools

From: "William D. Colburn (aka Schlake)" <wcolburn () NMT EDU>
Date: Fri, 1 Dec 2000 14:27:02 -0700
Do your statements imply that 512 bits are still "safe" if the "public"
key is kept a secret?

On Fri, Dec 01, 2000 at 03:54:15PM -0500, Jose Nazario wrote:

while you are welcome to attempt to brute force the RSA public key to
obtain the private components, a better use of your time is to sieve the
publicly known bits to obtain the private information. they each used the
General Number Field Sieve code.



in short, brute forcing is theoretically possible, but don't waste your
time, faster methods are out there. and yes, the idea that RSA is
difficult to break is true, it's quite difficult, but not impossible. the
general belief is that 512 bit RSA keys have fallen. time will be needed
to factor 1024 bit keys. it's safe to assume that a determined and
resource rich enemy can break generic RSA (512 bit) encryption when the
gain is right.



--
William Colburn, "Sysprog" <wcolburn () nmt edu>
Computer Center, New Mexico Institute of Mining and Technology
http://www.nmt.edu/tcc/     http://www.nmt.edu/~wcolburn
Previous By Date Next
Previous By Thread Next

Current thread: