Q: Has a change taken place in factoring RSA keys?

2003-10-28 Thread Jim Choate
Hi,

One of the local Linux user groups had a talk at their meeting as well as
some extended discussion on the mailing list regarding RSA keys and
factoring.

In particular a claim was made that recent technology has come to light that
allows factoring of 1024 bit RSA keys at $1B (US)/day. The basic gist was that
they were claiming that 1024 keys were no longer reasonable outside of a life
time of approx. a year. That 2048 keys were by extension weaker, and that
larger keys should be the norm. There was some discussion about hacking GPG to
generate 8k keys.

I'm wondering if anyone might comment on this with regard to sources of info
or other efforts? In particular I'm interested in any leads regarding this
supposed hardware breakthrough.

I spent about an hour googling around and didn't really come up with
anything substantial.

Thanks.

 -- --

Open Forge, LLC  24/365 Onsite Support for PCs, Networks, & Game Consoles
512-695-4126 (Austin, Tx.)  [EMAIL PROTECTED]  irc.open-forge.com

Hangar 18  Open Source Distributed Computing Using Plan 9 & Linux
512-451-7087  http://open-forge.org/hangar18  irc.open-forge.org

James Choate  512-451-7087  [EMAIL PROTECTED]  [EMAIL PROTECTED]



Re: "If you use encryption, you help the terrorists win"

2003-10-28 Thread Major Variola (ret)
At 03:12 PM 10/27/03 -0500, Tyler Durden wrote:
>spend pennies. Eventually you gotta figure that'll eat into the invasionary
>funds, no? (Or am I being naive?)

To a troll-like extent.

The government left the gold (etc) standard so they could print money to
fund wars.
They will also not hesitate to confiscate more of your income to fund
wars.
And will confiscate your children (or you) as cannon fodder.



MQV -> was Re: NSA Turns To Commercial Software For Encryption

2003-10-28 Thread Nymious

> ECC: "Our algorithm is so good it has been 
>licensed by the NSA".

Yes. ... the MQV exchange is the 'best'
authentication/key exchange protocol known.  Using
large ECC keys would hedge against even breakthroughs
in quantum computing.




Re: "If you use encryption, you help the terrorists win"

2003-10-28 Thread Joe Block
On Oct 26, 2003, at 3:57 PM, Jurgen Botz wrote:

> 1) The general public doesn't really use crypto... partly because
> it's "off the social radar", partly because it's just too difficult,
> etc., etc.  As a result the TLAs can employ the kind of Orwellian
> mass surveillance they would like and get useful information out of
>
> So I think that they've learned that they really get the best of
> both worlds with the status quo, and I don't see any indication
> that they are about to rock this particular boat.  This may change
> if the public infrastructure starts using more crypto by default
> and people use better key management (smart cards?) but I don't
> think that's really all that likely... at least at the moment
> there doesn't seem to be any good momentum in that direction.

It's becoming easier for the public, though.  Apple's new Mac OS X 10.3 
includes S/MIME built into the mailer.  No more watching their eyes 
glaze over as I explain to my friends that they first have to install 
GPG, then find a plugin for their mail program, then try to teach them 
to create & send people keys.

I prefer the GPG model of relying on people I actually trust to certify 
a key belongs to who it claims to belong to than relying on a 
corporation, but at least this will start people thinking about 
securing their mail.

jpb
-- 
Joe Block <[EMAIL PROTECTED]>

The fetters imposed on liberty at home have ever been forged out of the 
weapons provided for defense against real, pretended, or imaginary 
dangers from abroad.
 - James Madison


Re: "If you use encryption, you help the terrorists win"

2003-10-28 Thread Tyler Durden
"YOU want to do the encryption, not the ISP who can be secretly subpoenaed
to hand over the plain text."

Well, that too!

My point is and has been "crypto is economics" (to paraphrase Tim May 
during one of his moments of clarity). Better to get 'them' to get a 
subpoena and make 'em expend the effort (and $$$), just to find out the 
email's about Pamela Anderson's boobs. Or, better yet, to find out the 
enduser also encrypted the email (AND it's about Pamela Anderson's boobs).

Even if they dig out the plaintext, let them spend thousands of $$$ while we 
spend pennies. Eventually you gotta figure that'll eat into the invasionary 
funds, no? (Or am I being naive?)

-TD



From: Neil Johnson <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: "If you use encryption, you help the terrorists win"
Date: Mon, 27 Oct 2003 11:37:47 -0600
On Monday 27 October 2003 10:53 am, Tyler Durden wrote:
>
> Hum...can an ISP offer encryption as a service?
>
> -TD
>
Ummm, are we forgetting about the Patriot Act and siblings ?

YOU want to do the encryption, not the ISP who can be secretly subpoenaed 
to hand over the plain text.

At least if you get a subpoena you know about it.

--
Neil Johnson
http://www.njohnsn.com
PGP key available on request.



ECC and blinding.

2003-10-28 Thread Neil Johnson
Will ECC work with blinding (Chaum, Brands, etc.)  techniques?

Just curious.

-- 
Neil Johnson
http://www.njohnsn.com
PGP key available on request.



Re: NSA Turns To Commercial Software For Encryption (fwd from brian-slashdotnews@hyperreal.org)

2003-10-28 Thread Declan O'Reilly
On Sun, 26 Oct 2003 22:01:50 -0600 (CST)
"J.A. Terranson" <[EMAIL PROTECTED]> wrote:


> Am I the only one here who finds this "requirement" excessive?  My god: are
> we looking to keep these secrets for 50 years, or 5 (or more) years?
> 
> Or am I missing something?
> 
> -- 
> Yours, 
> J.A. Terranson
> [EMAIL PROTECTED]
> 
>   "Every living thing dies alone."
>   Donnie Darko


50 years does sound like a reasonable figure for computing power and the ability to 
brute force a crack on anything encrypted. If one is lucky the actual time limit will 
be around 500 years, but with computing power increasing, it's possible that whatever 
was encrypted 10 years ago is now in danger of being cracked. 

And for some things, there is no statute of limitations.

Declan O'Reilly



Re: "If you DON'T use encryption, you help the terrorists win"

2003-10-28 Thread Tim May
On Monday, October 27, 2003, at 08:50  AM, Tyler Durden wrote:

"Basically they say things like "If you think the government can't 
break all the encryption schemes that we have, you're nuts."  This guy 
was a math major too, so he understands the principles of crypto."

Basically, the answer was hinted at by another poster.

For anyone who doesn't trust the government, the point to make is that 
crypto use is currently a red flag. Last year I went through great 
pains on this list to point out that right now the gubmint probably 
doesn't even need to break most encrypted messages in order to know 
something's up. This is only possible because outside of a corporate 
context few individuals use encryption.

If everybody uses encryption, then it matters MUCH less if the 
government can break any one message. What costs us pennies to encrypt 
may cost them thousands to break. That's the asymmetry we asyms can 
exploit. That's where we need to depart from a Tim May lone wolf 
approach to your friendly, smiling America-loving flag-waving 
cypherpunks: "If you don't use encryption then you help the terrorists 
win".

I have no patience with "If _EVERYBODY_ did foo, then" arguments.

Contrary to what many of the newcomers (last 5 years) here have argued, 
crypto anarchy was never about converting the world to one true 
political system--it was, and is, about those motivated to do so to 
find ways to drop out of the system and find ways to sabotage the 
various politicians and socialists and minorities using government to 
steal from them.

Finding ways to destroy large nests of socialists and minority welfare 
mutants is of course consistent with this individualist approach.

But silliness about "if everybody used encryption, then..." is just 
that, silliness.

"First we convert the world to our viewpoint" is an empty philosophy.

"Tyler Durden," you have never shown a trace of sophistication or 
cleverness in the several months you have been on this list.

--Tim May



Re: ECC and blinding.

2003-10-28 Thread R. A. Hettinga
At 5:41 PM -0600 10/27/03, Neil Johnson wrote:

>Will ECC work with blinding (Chaum, Brands, etc.)  techniques?

I've heard serious people discuss it with a straight face, at least.

Chaumian blinding is simply big number multiplication, right?

And Chaum's double-spending detection is an M-of-N hash where M=N=2.

So doing that to an ECC message/public-key shouldn't be hard...

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
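The "big number multiplication" Hettinga refers to is the multiplicative blinding in Chaum's RSA blind signature; the following is an added walkthrough of that arithmetic, not code from any poster or project. It uses a constructed toy key (p=61, q=53, e=17) that is far too small for real use, and it signs the raw integer directly, whereas a real deployment would sign a full-domain hash of the message.

```python
"""Chaum RSA blind signature: blind, sign, unblind, verify (added example)."""
import secrets
from math import gcd

# Constructed toy RSA key. n = 61 * 53, phi = 60 * 52 = 3120, e * d = 1 mod phi.
N = 61 * 53          # 3233
E = 17
D = 2753

def blind(m: int, n: int = N, e: int = E):
    """User side: pick a random r coprime to n and hand the signer
    m * r^e mod n. The signer learns nothing about m from this value."""
    while True:
        r = secrets.randbelow(n - 2) + 2   # r in [2, n-1]
        if gcd(r, n) == 1:
            break
    return (m * pow(r, e, n)) % n, r

def sign(blinded: int, n: int = N, d: int = D) -> int:
    """Signer side: an ordinary RSA signature on whatever it was handed."""
    return pow(blinded, d, n)

def unblind(blinded_sig: int, r: int, n: int = N) -> int:
    """User side: (m * r^e)^d = m^d * r (mod n), so multiplying by
    r^-1 mod n leaves the plain RSA signature m^d mod n."""
    return (blinded_sig * pow(r, -1, n)) % n

def verify(m: int, sig: int, n: int = N, e: int = E) -> bool:
    """Anyone can check the unblinded signature with the public key."""
    return pow(sig, e, n) == m

def blind_sign_roundtrip(m: int) -> dict:
    """Run the whole protocol for one message m (must be < n and coprime to n)."""
    blinded, r = blind(m)
    sig = unblind(sign(blinded), r)
    return {
        "blinded": blinded,          # what the signer actually saw
        "sig": sig,                  # valid RSA signature on m
        "ok": verify(m, sig),
        "signer_saw_m": blinded == m,  # linkability check; False for r > 1
    }

if __name__ == "__main__":
    print(blind_sign_roundtrip(65))
```

The same trick does not carry over to ECC as plain multiplication, since EC signatures have no multiplicative homomorphism of this kind; blind variants of Schnorr-style EC signatures exist but need a different construction.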