Quote:
Originally Posted by Anonymouse
(OT for a bit) Don't worry about it at all, because even if you have a supercomputer, you're not going to break public-key encryption this side of the Sun going nova, at least not until someone proves the Riemann Hypothesis* - and trust me, that ain't gonna happen any time soon because no-one on this planet has the slightest idea as to how to prove it, or even disprove it (it's believed to be true, and mathematicians are praying to God that it is true, because a number of major theorems are based on the assumption that it is!). They can spend as much dosh on it as they like, and waste years of computer time (that's computer-years, not man-years) - the difficulty in breaking encryption is mathematically fundamental.
The only known method of deriving the prime factors is to systematically check all the possibilities, because there is zero correlation between them (that is, neither prime tells you anything about the other) - and there are so many possibilities that the power or speed of the computer is entirely irrelevant. Without a proof of the Riemann Hypothesis, there's no known way to derive a faster method, so there aren't any shortcuts - mathematics doesn't work that way. They really are wasting their time and money; the reason you never hear of public keys being broken is that it simply does not happen. Planting a trojan is cheating and can be prevented in any case by a) decent AV software, b) not using an administrator account so the damn trojan can't install in the first place, and c) being careful - but that is not breaking encryption. I don't know offhand how many 60-digit primes there are, but I recall reading that there are enough to see us through several million years without repeating even once. The computer does not exist that can crack that problem in the time available, i.e. approx. 5,000,000,000 years.
If it could be done, it would have been by now and the news would have been all over the world in less than an hour. Encryption per se is perfectly safe unless some unsung mathematical genius turns up. Bear in mind that it takes over 300 pages of symbolic logic, starting from first principles, just to prove 1 + 1 = 2.
* If you're into recreational mathematics and/or popular science, you've probably heard of it and might even understand it. If not - to borrow from Arthur Dent, don't ask me how it works or I'll start to whimper...
|
Some clarity regarding encryption, the strengths and weaknesses needs to be disseminated to the wider audience who may have to face the dilemma of using encryption in order to stop their ISPs from stabbing the customer in the back through the use of the deep packet inspection abuse. There are thousands of good resources on encryption but I fear most of them are just too technical or too much information for the general public. Of course there are the 'Dummy' guides, but still too much information.
Expanded picture of book [ LINK ]
I think the entire problem/solution needs to fit on one A4 sheet and from this summary point the interested reader can jump to the next level which would expand the ideas from the summary sheet. The expanded ideas and explanations could lead to further expansion which would lead to further... etc etc
Here is a quick summary
[ * ] Good implementations of encryption are safe (not even the secret service super spooks can break it). One of the weakness in encryption schemes are bad implementations [
Bruce Schneier of Counterpane is a good reference point to explain bad implementation of crypto schemes :: unfortunately Counterpane security has been bought out by a backstabbing unethical company 'British Telecom' BT].
[ * ] The established encryption schemes are not broken they are bypassed
using other methods.
[ * ] Use pass phrases which cannot be guessed at or subject to a dictionary attack. Don't post your password where other people can see them... i.e. a postit note on the side of your monitor or in top draw of your desk. (A good place to keep your passwords is on a locked PDA or in a locked filing cabinet)
[ * ] Generate new private keys and pass phrases on a regular basis, this will ensure the likelyhood of being compromised is reduced to zero.