Encryption and risk
Richard Pieri
richard.pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Oct 6 10:09:05 EDT 2009
On Oct 6, 2009, at 9:43 AM, markw-FJ05HQ0HCKaWd6l5hS35sQ at public.gmane.org wrote:
> Would you now argue that as computers become more and more powerful,
> that
> brute force cracking becomes far less time consuming?
>
> Sure, there are bugs, but anything that can be decrypted can be
> cracked
> given a reasonable amount of CPU and delta T.
False two counts. One, the Universe doesn't have enough time and/or
energy to run an exhaustive brute force attack on a single 128-bit
keyspace (Von Neumann-Landauer Limit).
Two, a one-time pad is effectively unbreakable. You could brute force
a short message but you would get multiple different messages without
knowing which is the correct one. Thus, while an OTP can be cracked
(deciphered by someone other than the intended recipient) the cracker
still doesn't know for sure what the real message is. OTP is one of
the reasons you really should read that article and _Practical
Cryptography_ while you are at it. OTP is a great example of a
perfect secure algorithm that can be weakened by the implementation,
notably in the strength of the random pad generator used. A less than
perfectly random pad makes the ciphertext susceptible to conventional
cryptanalysis which is much, much faster than brute force.
--Rich P.
More information about the Discuss
mailing list