[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: encryption cluster

On Mon 10/11/04 18:05, Rich3800@aol.com wrote:
Given that encryption algorhytms sooner or later get cracked using more and more powerful processors or

Okay, to crack a 256-bit key you'll need either:

2^256 operations. Thats 115792089237316195423570985008687907853269984665640564039457584007913129 639936 operations. Assuming a trillion processors that can try a trillion keys per second, it will take around 1835871531540401373407708412745559168145452572 years to finish. If it was 128 bits it'd be 10790283070806 years. However, there's usually an attack that cuts the "bits" of security in half, so for a 256-bit key use the 128-bit key timeframe.

Or, do a birthday attack. Then you'd need 2^128 keys of storage. Thats 5444517870735015415413993718908291383296 bytes.

Distributed.net was/is attacking 56-bit keys or RSA keys (512, IIRC) which do NOT give 512-bits of security (its more like 56).

There's an interesting paper by Schnieder on how it would take more electricity to brute-force a 256-bit key then Sol is capable of putting out in a year.

So, yes you could use a cluster of machines to do complex encryption, but your best bet is to just get a good 256 bit cipher implementation then make sure thats actually the weakest link. One thing you might want to note is that the crypto is NEVER attacked in real life, its always the end-points since those are much simpler. Why break 128-bit, or even 64-bit, encryption if the end user isn't going to validate the SSL key?

Furthermore, your most likely talking about public/private key systems (like SSL), which depend on have large prime numbers. This are really easy to compute to generate a key so a cluster is not even needed (might add 5 minutes to boot up) and you'd still have to deal will transferring the keys securely to the client.

using clusters like distributed.net, is it possible to use a cluster of machines to pool processing power toward creating longer, more complex encryption keys, keys that would be redistributed to authorized client machines at the next time they boot up?

To UNSUBSCRIBE, email to debian-beowulf-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


| Josh Lauricha            | Ford, you're turning    |
| laurichj@bioinfo.ucr.edu | into a penguin. Stop    |
| Bioinformatics, UCR      | it                      |
| OpenPG:                                            |
|  4E7D 0FC0 DB6C E91D 4D7B C7F3 9BE9 8740 E4DC 6184 |

Josh Lauricha
OpenPGP: 5A0D 92D3 D093 79DE F724 1137 6DF1 B5EB D9CE AAA8

Attachment: PGP.sig
Description: This is a digitally signed message part

Reply to: