Hello, from time to time someone asks how secure (a)symmetric crypto really was and then our math and physics teacher Rob has his performance.
Somebody just pointed me at this: http://2012.sharcs.org/slides/biryukov.pdf Of course, they say "No practical impact due to reliance on related keys" because they had to stay below 2^100 but considering that they refer to real hardware whereas here the theoretical lower energy limits are used I am a bit surprised. Is this paper correct? I am not an expert in these areas. The only point that came to my mind is that if you need energy of the magnitude of the US overall electricity consumption than you cannot ignore the energy costs. :-) Not even the impact on the prices for oil, gas and uranium at the world market. They calculated the price for chip fabs but not the one for power plants. So what may be the upport bound there: The NSA will never have access to more than 1% (or rather 10%?) of the US electricity consumption? IIRC then electricity generation costs is supposed to be about 4ct (Euro cent) per kWh in Germany. Lower for the old nuclear plants but even higher if you build new ones. So the 4TW mentioned in the paper would result in about four billion (10^9) EUR per year for electricity if I calculated that correctly. So maybe the rising energy prices turn out to at least protect our privacy... ;-) Another question as I am not familiar with crypto attacks: They are talking about plaintext there. Does that mean they need both plaintext and ciphertext to tun this kind of attack? If so then I assume the real computational effort is higher by orders of magnitude because you have to check whether each key is the right one. Is that correct? BTW: OpenPGP key generation on European TV again (starting at 28:30, 33:20 respectively) in German: http://www.arte.tv/guide/de/048515-004/tracks in French: http://www.arte.tv/guide/fr/048515-004/tracks Hauke -- Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/ OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users