> Is this a correct interpretation? Pretty close.
> My understanding of en-/decryption is that there is no indication of > progress toward finding a successful key match of a given > encryption. Not quite. If you're doing a brute-force attack it's easy to figure out what fraction of the possible number of keys you've tried, and to present that as a progress bar -- when the progress bar is half done, you've searched half the possible keys, and thus there's a 50% chance of finding the key by then. So yes, it's possible to come up with a pretty good estimate of how long it'll take to brute-force a cipher, and that lets you do things like status bars... it's just that the amount of time is, for any good system, ludicrously big. > Related to this is the oft-repeated request to avoid identifiable > information (initials, birth date, etc.) in a cryptographic key. I > presume this gives an attacker a preferred set of characters to > attempt before moving on to truly random combinations. Called "cribs", yes. Even then, this is rarely used in the key itself. Usually it's used as the input to a key derivation function, which accepts something nice and English-like as input and yields a garbled mess for output. > Finally, a brute force attack requires potentially billions of > attempts. Add *many* more zeroes on to this. :) > How does an attacker then perform a brute force attack? Does he cadge > a block of encrypted text and hammer on that until success? Without getting into high levels of detail, all I can say is "it will vary from system to system."
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
