[wilhelmtux-discussion] Re: wilhelmtux-discussion Nachrichtensammlung, Band 2, Eintrag 28

Robert Ribnitz ribnitz at linuxbourg.ch
Mit Mar 26 15:02:04 CET 2003 

> Robert Ribnitz wrote:
> 
> > - Signing/Encrypting using GnuPG can provide a "secure" channel to 
> > voice opinions (I am sure the NSA, and other bodies have ways to 
> > decrypt such messages, but the avg. ISP does not). And given the 
> > amount of mail circulating, and that even for the NSA "considerable" 
> > time (I think, in the order of 10-20 minutes should be assumed), it is 
> > unlikely they pick "your" mail.
> 
> Certainly not! Even the NSA should not be able to read GnuPG encyrpted
> messages unless they have access to your secret key or use a
> man-in-the-middle attack. The factorization of large numbers is a
> numerically unsolvable problem because the numerical cost rises
> exponentially with key length. The rules of mathematics also apply to
> secret agencies. :-)
> 
> At the current key lenghts of 1024 to 2048 bits for public-key ciphers,
> it would take at least decades to centuries to break a single key by
> brute force - even if you used all the available computers in the world.
> 
> You can safely assume that the NSA cannot read any messages that are
> encrypted with state-of-the art encryption algorithms like RSA, DSA or
> the underlying single-key ciphers like AES. The US government would
> certainly not use algorithms themselves if they knew that a
> well-equipped opponent could break them in 10-20 minutes.
> 
> Kind regards,
> 
> Dietrich

I attended a coruse on cryptography, and know that the factorisation of
large numbers (300-400 decimal digits) is a quite 'time-consuming' task
to solve.

I know that if one comp. take 1 millennium to solve the problem, two
computers can do it in half the time. I don't say, gnupg keys are
routinely cracked, but I can well imagine that for 'promising cases'
this factorisation is done. Given enough computing power, esp. since the
problem can be divided into subproblems quite nicely.

An ASCI Red has many times the computing power of an ordinary pc, so it
can crunch numbers much faster.

I still think a bit of concern is worthwile.

Robert