Backing up Private Keys
Ashley Holman
dscvlt at gmail.com
Mon Apr 15 13:33:20 CEST 2013
Thanks very much for that information. That gives me a lot to consider and
look into.. and also some confidence in the defaults :). Thanks also for
the link to PaperWallet. I will check that out.
What I meant by "brute force" was that an attacker could generate all
possible passphrases in a given keyspace and try each of them in an attempt
to decrypt my passphrased secret key. Eventually one of the attempts
should succeed. I did some calculations to try to work out how long it
might take to brute force, and the results were more like decades instead
of something more impressive like "long after the sun has exploded".
So for example's sake, lets say my passphrase keyspace is in order of
10^25. I'll also assume that a sophisticated attacker might be able to
make 1 million attempts per second (maybe this is where my assumptions are
off - but the bitcoin network generates trillions of hashes per second by
comparison).
>> (10^25/10^6) / 86400 / 365
ans = 3.1710e+11
300 billion years at that rate. But, if I account for moore's law, I
should assume that the attempts per second will increase each year. If I
assume 50% increase in computing power per year then I get:
>> log((10^25/10^6) / 86400 / 365) / log(1.5)
ans = 65.314
So 65 years. I know this is a really long time, but it's not as impressive
as millions of years would be. Does this mean that people in the 22nd /
23rd century might be able to crack old passphrased keys really easily?
(ok, maybe there are likely to be maths advances by that point anyway).
Quite likely I've made and mistakes in my calculations and/or bad
assumptions so let me know if that is the case.
Thanks again
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20130415/73a72833/attachment.html>
More information about the Gnupg-users
mailing list