AES attack calculations (money and time)
Hello,

from time to time someone asks how secure (a)symmetric crypto really was and then our math and physics teacher Rob has his performance. Somebody just pointed me at this:

http://2012.sharcs.org/slides/biryukov.pdf

Of course, they say "No practical impact due to reliance on related keys" because they had to stay below 2^100 but considering that they refer to real hardware whereas here the theoretical lower energy limits are used I am a bit surprised. Is this paper correct? I am not an expert in these areas.

The only point that came to my mind is that if you need energy of the magnitude of the US overall electricity consumption then you cannot ignore the energy costs. :-) Not even the impact on the prices for oil, gas and uranium at the world market. They calculated the price for chip fabs but not the one for power plants.

So what may be the upper bound there: The NSA will never have access to more than 1% (or rather 10%?) of the US electricity consumption?

IIRC then electricity generation cost is supposed to be about 4ct (Euro cent) per kWh in Germany. Lower for the old nuclear plants but even higher if you build new ones. So the 4TW mentioned in the paper would result in about four billion (10^9) EUR per year for electricity if I calculated that correctly. So maybe the rising energy prices turn out to at least protect our privacy... ;-)

Another question as I am not familiar with crypto attacks: They are talking about plaintext there. Does that mean they need both plaintext and ciphertext to run this kind of attack? If so then I assume the real computational effort is higher by orders of magnitude because you have to check whether each key is the right one. Is that correct?

BTW: OpenPGP key generation on European TV again (starting at 28:30, 33:20 respectively)

in German: http://www.arte.tv/guide/de/048515-004/tracks
in French: http://www.arte.tv/guide/fr/048515-004/tracks

Hauke
--
Crypto for all: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

unable to use gnupg on a read-only filesystem
Dear list,

I am working on a read-only filesystem and I am using the following command:

    echo "hello" | gpg -e -a -r mar...@example.com

This command fails with the following errors:

    gpg: failed to create temporary file `/root/.gnupg/.#lk0x847421': Read-only file system
    gpg: fatal: can't create lock for `/root/.gnupg/trustdb.gpg'

I don't have the option "use-temp-files" enabled in my config. Even when I explicitly disable it, I get the same errors:

    echo "asdf" | gpg --keyserver-options no-use-temp-files -e -a -r mar...@example.com

Could somebody please advise how I can use gpg without temporary files?

many thanks,
Martin

Re: unable to use gnupg on a read-only filesystem
On Sun 17.11.2013, 19:02:12, Martin Vegter wrote:

> gpg: fatal: can't create lock for `/root/.gnupg/trustdb.gpg'

> Could somebody please advise how I can use gpg without temporary files?

That is a lock file. Try --lock-never

Hauke
--
Crypto for all: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5

Re: [tor-talk] BitMail.sf.net v 0.6 - Secure Encrypting Email Client
| ... Further, getting two
| computers to generate the exact same binary code from the exact same
| source code is a surprisingly difficult challenge. It requires a
| perfect match of everything from compiler versions to C library
| versions right down to identical *clocks* -- because often, compilers
| will incorporate timestamps into the output.
|
| Doing checksum validation of source code is feasible. Of binary code,
| not really.

Well said. Two binaries can be execution identical except for their use of registers -- their use of registers being an artefact of the compiler.

--dan

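
The timestamp effect described in the quoted message above, as an added example that is not part of the original thread: gzip stands in for a toolchain that stamps the build time into its output, and the source snippet and clock values are constructed. It shows that the checksum mismatch is confined to the embedded timestamp bytes, and that two builders who agree on a pinned timestamp get identical digests.

```python
import gzip
import hashlib

# Constructed sample input: the "source code" both builders start from.
SOURCE = b"int main(void) { return 0; }\n"


def build(source: bytes, clock: int) -> bytes:
    """Stand-in for a build step: gzip stores `clock` as MTIME in its header,
    the way many toolchains stamp the build time into their output."""
    return gzip.compress(source, mtime=clock)


def digest(artifact: bytes) -> str:
    """SHA-256 of the artifact, as a checksum comparison would compute it."""
    return hashlib.sha256(artifact).hexdigest()


def differing_offsets(a: bytes, b: bytes) -> list:
    """Byte offsets at which two equally long artifacts differ."""
    if len(a) != len(b):
        raise ValueError("artifacts differ in length")
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


def compare_builds(clock_a: int, clock_b: int) -> dict:
    """Build the same source under two clocks and compare the results."""
    a, b = build(SOURCE, clock_a), build(SOURCE, clock_b)
    return {
        "same_digest": digest(a) == digest(b),
        "diff_offsets": differing_offsets(a, b),
        # Both artifacts still decompress to the identical payload.
        "same_payload": gzip.decompress(a) == gzip.decompress(b) == SOURCE,
    }


if __name__ == "__main__":
    # Two builders whose clocks are one minute apart (constructed values).
    print(compare_builds(1384700000, 1384700060))
    # Both builders pin the timestamp to an agreed value instead.
    print(compare_builds(1384700000, 1384700000))
```

The differing offsets fall inside bytes 4 to 7 of the gzip header, which is the MTIME field; everything after it is byte-identical.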
Re: [tor-talk] BitMail.sf.net v 0.6 - Secure Encrypting Email Client
On 11/17/2013 11:44 AM, d...@geer.org wrote:

> Well said. Two binaries can be execution identical except for their
> use of registers -- their use of registers being an artefact of the
> compiler.

In fact, it goes even deeper than that: many architectures allow their processor to dynamically reorganize and/or modify the code being executed. (Out-of-order execution is one example of this.) So even if you're running two binaries that are completely identical, the CPU may process them quite differently depending on the state of the system.

This has some extraordinary implications for those who are trying to guarantee their CPU is operating exactly the same as another CPU! Every couple of years I look at this problem, read a couple of papers, and walk away muttering about now is a great time to start drinking heavily...

Re: [tor-talk] BitMail.sf.net v 0.6 - Secure Encrypting Email Client
On 18-11-2013 6:21, Robert J. Hansen wrote:

> So even if
> you're running two binaries that are completely identical, the CPU may
> process them quite differently depending on the state of the system.

> This has some extraordinary implications for those who are trying to
> guarantee their CPU is operating exactly the same as another CPU!
> Every couple of years I look at this problem, read a couple of papers,
> and walk away muttering about now is a great time to start drinking
> heavily...

Dijkstra's goal of formally proving entire programs more complicated than hello world seems further away than ever. Don't lose any sleep over it, no one even tried that in practice anyway.

--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html