[Q] 128-bit symmetric encryption.
Denis McCauley
DenisMcCauley@ifrance.com
Sat May 31 09:34:03 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sat, 31 May 2003 00:48:12 -0400
Daniel Carrera <dcarrera@math.umd.edu> wrote:
> Hello,
>
> I'm trying to figure out "how strong" 128-bit symmetric encryption is.
Tell me
> if I got it right:
>
> For a good algorithm, the only possible attack is brute force. From
an earlier
> discussion, we can (roughly) estimate that it might take 50,000
computers at
> 2GHz one year to break 64-bit encryption. Now, 128-bit encryption
should take
> 2^64 times more computing power to break.
>
> In other words, if I had a trillion computers each going a 1
TeraHertz, it
> would take them mover 1.8 billion years to break it.
>
> In conclusion, breaking 128-bit encryption by brute force is
impossible.
>
> Is this correct?
Strictly speaking, no. In reality a brute force attack would rarely, if
ever, have to try 2^128 combinations to break the encryption because
it's a question of probability. An attacker has a 50-50 chance of
breaking it in half that number. But the probability of breaking the
encryption in a lifetime is so remote that it's unlikely a pure brute
force attack like that would be tried.
>
> Note: I am not saying anything about security. I know that there are
many
> other possible attacks. I know that the algorithm itself might be
broken so
> that brute force is not necessary. That's not what I'm asking about.
> Ultimately, I want to conclude that there is no point in using more
than
> 128-bits in symmetric algorithmw.
>
> Is this correct?
Assuming that the algorithm has no fault, there could be weaknesses to
be exploited at the level of implementation of the algorith by a given
application and in key generation. You can find some comments by Bruce
Schneier on this at http://www.counterpane.com/crypto-gram-9910.html
>
- --
=====================================
Denis McCauley
GPG/PGP keys at http://www.djmccauley.tk
=====================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-nr1 (Windows 2000) - GPGshell v2.70
Comment: Key ID: 0x578247B4 (using signature subkey 0x4980C4F7)
Comment: 3C0A D97D 5FC5 A250 20BC EBC6 EB0E 9716 5782 47B4
iD8DBQE+2FonJpZGKkmAxPcRAvYUAJwOK0UWKpeeoTTSxn+GrfgQ6P6J4QCfXg2l
JYqPQTTHL8aU1yG10PP5/nk=
=YasG
-----END PGP SIGNATURE-----
_____________________________________________________________________
Envie de discuter en "live" avec vos amis ? Télécharger MSN Messenger
http://www.ifrance.com/_reloc/m la 1ère messagerie instantanée de France