[clug] [OT] all text passwords == secure?

Martijn van Oosterhout kleptog at svana.org
Tue Aug 28 04:37:42 MDT 2012


On Tue, Aug 28, 2012 at 07:58:57PM +1000, Paul Wayper wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 28/08/12 12:32, Robert Edwards wrote:
> >> Also, Paul, are you "blindly" trusting GPG? How do _you_ know that large
> >> prime numbers really are hard to factor? What if someone did know how
> >> to do it? Would you necessarily trust them to tell everyone?
> 
> Yes, I would trust them to tell everyone, because by and large the people
> working on that maths are security researchers who publish.  Although the NSA
> and other country-level security organisations employ lots of mathematicians,
> and there's a non-zero chance that one of them could find it and not tell
> anyone, I doubt it would be discovered for long.

Actually, we know how to factor large prime numbers, it's the composite
numbers that are tricky. But that's probably what you meant anyway.

We also know an algorithm to factor large composites quickly, Shor's
algorithm: http://en.wikipedia.org/wiki/Shor%27s_algorithm

And we know it has been done for 4 bit numbers, see:

http://hardware.slashdot.org/story/12/08/26/1541256/solid-state-quantum-computer-finds-153x5-48-of-the-time
http://arxiv.org/pdf/1202.5707v1.pdf

This is using conventional chip-fabrication techniques, so easier to
scale.  If you apply Moore's law to that then your 1024-bit RSA key
starts looking dodgy in ten years, your 4096-bit key three years later. 
Elliptic curve won't save you.  Or as someone asks in one of the
slashdot comments, if a bunch of researchers can do this now with 4
bits, what can an organisation with practically unlimited budget and
interest like the NSA do?

It also breaks your perfect forward secrecy of Diffie-Hellman. So
anyone recording your SSH sessions now will be able to work out what
you typed, in ten years time.

May we live in interesting times indeed.

Have a nice day,
-- 
Martijn van Oosterhout   <kleptog at svana.org>   http://svana.org/kleptog/
> He who writes carelessly confesses thereby at the very outset that he does
> not attach much importance to his own thoughts.
   -- Arthur Schopenhauer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/linux/attachments/20120828/b300d942/attachment.pgp>


More information about the linux mailing list