On Sun, May 21, 2006 at 11:31:09PM +0100, Wayne Stallwood ALUGlist@digimatic.plus.com wrote:
On Sun, 2006-05-21 at 22:57 +0100, Brett Parker wrote:
Not an expert, but I'd say that a 2048 bit pgp public key encrypted file would take "quite some time" to decrypt without being given the secret key, and generating the secret key would take "rather a while" from just the data that you can get from things encrypted using the public key.
When posting to the list please use tangible units to measure space/time
You don't make it clear whether you are referring to a metric "quite some time" or the imperial one...Therefore is this longer than "rather a while" or not ?
OK OK... let's do a bit of googling and find some random figures :) http://www.linuxjournal.com/article/8732 - mostly talks about symettric encryption, has some figures and a disclaimer saying "but hardware keeps getting cheaper" http://www.math.utah.edu/~beebe/PGP-notes.html#reading-list - a reading list full of useful links and book titles etc etc. probably worth reading to know more :) http://lists.gnupg.org/pipermail/gnupg-users/2004-June/022768.html - a relatively interesting post on the gnupg mailing list http://www.usatoday.com/tech/columnist/andrewkantor/2004-03-19-kantor_x.htm - much more interesting read. basically says "yeah, well, you have x keyspace, the timing comes down to how quickly you can generate and test keys."
But no one's going for hard and fast times. So, if we make an assumption of a 2048 bit key, and half the address space (it's a quick way of getting the average number of attempts across multiple keys of cracking the key)... so we get a possible key space of... ~3.2317 * 10^616 (that's a lot of keys!), now then... half of that is... 1.6159 * 10^616 keys... making an assumption of, say, lets be insane and go for 1000 keys a second... that will take 1.615 * 10^613 seconds, or, if you like... 5.1344 * 10^605 *YEARS* to brute force it ;) OK - so there might be less intensive ways to break it than brute force... but I haven't found any references to them yet.
Specifically we are looking for libraries of congress, Volkswagen beetles, surface of the sun, time since the big bang...that sort of thing :-)
*BOOM*! (or something like that).
If I get bored tomorrow I might look in to it further :)
Cheers, Brett.