Key size overkill

Post by Gamma300 » Sun, 20 Jul 2003 17:09:06



I've been doing some calculations (yes - I know I'm sad).

By my figuring, even if you were able to get hold of 100 Terahertz of
processing power, and each clock cycle was able to try a possibility on PGP
encryption, 128 bits would hold out for over 10^16 years. Is it just me, or
is the 2048 bit key that PGP recommends a bit overkill?

Calculations:
2^128 = 3.423*10^38  -  number of encryption possibilities for 128 bit
encryption

3.423*10^38 / 2 = 1.701*10^38  -  average number of possibilities that would
need to be tested

1.701*10^38 / 100T or 1.701*10^38 / 10^16 = 1.701*10^24  -  number of
seconds required to test this many possibilities, testing at 100 Terahertz

1.701*10^24 / (60 * 60 * 24 * 365) = 5.395*10^16  -  number of years
required to test this many possibilities

 
 
 

Post by Nic » Sun, 20 Jul 2003 19:48:49


> I've been doing some calculations (yes - I know I'm sad).

Don't know about your calculations, but how can it be overkill? The more secure the better.

I just CAN'T find the disadvantages of large(r) keys?

 
 
 

Post by Neil W Ricker » Sun, 20 Jul 2003 22:50:58



>I've been doing some calculations (yes - I know I'm sad).
>By my figuring, even if you were able to get hold of 100 Terahertz of
>processing power, and each clock cycle was able to try a possibility on PGP
>encryption, 128 bits would hold out for over 10^16 years. Is it just me, or
>is the 2048 bit key that PGP recommends a bit overkill?
>Calculations:
>2^128 = 3.423*10^38  -  number of encryption possibilities for 128 bit
>encryption

Presumably the 128 bits is for symmetric keys, and the 2048 bits is
for public/private keys.  A direct comparison of key sizes is
unreasonable, due to the differences in methodologies and
constraints.

While any random 128 bits can be used as a symmetric key, most 2048
bit strings would not be usable as an rsa key (to take one example).

 
 
 

Post by Gamma300 » Mon, 21 Jul 2003 02:33:12





> >I've been doing some calculations (yes - I know I'm sad).

> >By my figuring, even if you were able to get hold of 100 Terahertz of
> >processing power, and each clock cycle was able to try a possibility on PGP
> >encryption, 128 bits would hold out for over 10^16 years. Is it just me, or
> >is the 2048 bit key that PGP recommends a bit overkill?

> >Calculations:
> >2^128 = 3.423*10^38  -  number of encryption possibilities for 128 bit
> >encryption

> Presumably the 128 bits is for symmetric keys, and the 2048 bits is
> for public/private keys.  A direct comparison of key sizes is
> unreasonable, due to the differences in methodologies and
> constraints.

> While any random 128 bits can be used as a symmetric key, most 2048
> bit strings would not be usable as an rsa key (to take one example).

I figured that there was something in it like this, but I'm not sure what
the difference actually is.

I think I'll go trawling the FAQs again...

 
 
 

Post by Alex » Mon, 21 Jul 2003 03:09:12


On Sat, 19 Jul 2003 18:33:12 +0100





> > >I've been doing some calculations (yes - I know I'm sad).

> > >By my figuring, even if you were able to get hold of 100 Terahertz
> > >of processing power, and each clock cycle was able to try a
> > >possibility on PGP encryption, 128 bits would hold out for over
> > >10^16 years. Is it just me, or is the 2048 bit key that PGP
> > >recommends a bit overkill?

> > >Calculations:
> > >2^128 = 3.423*10^38  -  number of encryption possibilities for 128
> > >bit encryption

> > Presumably the 128 bits is for symmetric keys, and the 2048 bits is
> > for public/private keys.  A direct comparison of key sizes is
> > unreasonable, due to the differences in methodologies and
> > constraints.

> > While any random 128 bits can be used as a symmetric key, most 2048
> > bit strings would not be usable as an rsa key (to take one example).

> I figured that there was something in it like this, but I'm not sure
> what the difference actually is.

> I think I'll go trawling the FAQs again...

The difference is that factoring a public key lets you calculate the
private key.  It's easier to factor a key than to try all possible keys
with the same length.  Thus, the public/private pairs need to be larger
than a symmetric key for the same security.

--Alex

 
 
 

Post by Gamma300 » Mon, 21 Jul 2003 18:44:04






> > >I've been doing some calculations (yes - I know I'm sad).

> > >By my figuring, even if you were able to get hold of 100 Terahertz of
> > >processing power, and each clock cycle was able to try a possibility on PGP
> > >encryption, 128 bits would hold out for over 10^16 years. Is it just me, or
> > >is the 2048 bit key that PGP recommends a bit overkill?

> > >Calculations:
> > >2^128 = 3.423*10^38  -  number of encryption possibilities for 128 bit
> > >encryption

> > Presumably the 128 bits is for symmetric keys, and the 2048 bits is
> > for public/private keys.  A direct comparison of key sizes is
> > unreasonable, due to the differences in methodologies and
> > constraints.

> > While any random 128 bits can be used as a symmetric key, most 2048
> > bit strings would not be usable as an rsa key (to take one example).

> I figured that there was something in it like this, but I'm not sure what
> the difference actually is.

> I think I'll go trawling the FAQs again...

Got it. Symmetric and Asymmetric keys aren't equal. 128 bit symmetric
encryption is about as easy to brute force as 2304 bit asymmetric
encryption.

- PGP Attack FAQ

-----BEGIN GEEK CODE BLOCK-----
Version 3.12
GU d-(--) s+:- a--- C++(++++) !U W++(+++) N+(++) o K? w+(--) ?O

DI++++ D G e(*) h!>--- r++ z+>+++
------END GEEK CODE BLOCK------
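
Added example (not part of any post in this thread): the arithmetic the thread discusses, in Python. `brute_force_years` gives the average-case exhaustive search time at an assumed 10^14 trials per second, and `gnfs_bits` uses the standard heuristic cost of the general number field sieve with its o(1) term dropped, so the RSA figures are rough estimates; all function names are illustrative.

```python
import math

SECONDS_PER_YEAR = 60 * 60 * 24 * 365


def brute_force_years(key_bits, trials_per_second):
    """Years to search half of a key_bits keyspace (the average case)."""
    return 2 ** (key_bits - 1) / trials_per_second / SECONDS_PER_YEAR


def gnfs_bits(modulus_bits):
    """log2 of the heuristic GNFS cost L_n[1/3, (64/9)^(1/3)] for a modulus
    n of modulus_bits bits. The o(1) term is ignored (assumption), so the
    result is an order-of-magnitude estimate, not an exact work factor."""
    ln_n = modulus_bits * math.log(2)
    c = (64 / 9) ** (1 / 3)
    work = c * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)  # natural-log units
    return work / math.log(2)


def rsa_bits_matching(symmetric_bits, step=8):
    """Smallest modulus size (a multiple of step, starting at 512) whose
    GNFS estimate reaches 2**symmetric_bits operations."""
    size = 512
    while gnfs_bits(size) < symmetric_bits:
        size += step
    return size


if __name__ == "__main__":
    # Symmetric side: every one of the 2^128 bit strings is a valid key.
    print(f"128-bit brute force at 1e14/s: {brute_force_years(128, 1e14):.3e} years")
    # Asymmetric side: factoring the modulus beats trying every key.
    for size in (1024, 2048, 2304, 3072):
        print(f"RSA-{size}: about 2^{gnfs_bits(size):.1f} operations to factor")
    print(f"Modulus size estimated to match 128 bits: {rsa_bits_matching(128)}")
```

Under this estimate a 2048-bit modulus costs roughly 2^117 operations to factor, far below the 2^2048 that a naive key-length comparison would suggest.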

 
 
 
