Encryption and risk

Richard Pieri richard.pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Oct 6 10:09:05 EDT 2009


On Oct 6, 2009, at 9:43 AM, markw-FJ05HQ0HCKaWd6l5hS35sQ at public.gmane.org wrote:
> Would you now argue that as computers become more and more powerful, that
> brute force cracking becomes far less time consuming?
>
> Sure, there are bugs, but anything that can be decrypted can be cracked
> given a reasonable amount of CPU and delta T.

False on two counts.  One, the Universe doesn't have enough time and/or
energy to run an exhaustive brute force attack on a single 128-bit  
keyspace (Von Neumann-Landauer Limit).

Two, a one-time pad is effectively unbreakable.  You could brute force  
a short message but you would get multiple different messages without  
knowing which is the correct one.  Thus, while an OTP can be cracked  
(deciphered by someone other than the intended recipient) the cracker  
still doesn't know for sure what the real message is.  OTP is one of  
the reasons you really should read that article and _Practical  
Cryptography_ while you are at it.  OTP is a great example of a  
perfectly secure algorithm that can be weakened by the implementation,
notably in the strength of the random pad generator used.  A less than  
perfectly random pad makes the ciphertext susceptible to conventional  
cryptanalysis which is much, much faster than brute force.

--Rich P.
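
Added example, not part of the original post: a Python sketch of the two one-time-pad points made above. With a truly random pad, every same-length plaintext is explained by some pad, so exhaustive search cannot single out the real message; with a pad drawn from a weak generator, the search collapses to one readable answer. The messages, the seed value and the 16-bit `weak_pad` generator are constructed for illustration.

```python
import random
import secrets

MSG = b"ATTACK AT DAWN"    # constructed sample plaintext
DECOY = b"RETREAT AT TEN"  # constructed alternative of the same length


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `candidate`.

    Such a pad exists for every candidate of the right length, which is
    why trying all pads only enumerates all possible messages.
    """
    if len(candidate) != len(ciphertext):
        raise ValueError("candidate must match ciphertext length")
    return xor(ciphertext, candidate)


def weak_pad(seed: int, length: int) -> bytes:
    """Hypothetical weak generator: the whole pad depends on a 16-bit seed."""
    rng = random.Random(seed)  # Mersenne Twister, not a CSPRNG
    return rng.getrandbits(8 * length).to_bytes(length, "big")


def seeds_giving_text(ciphertext: bytes) -> list:
    """Try all 2**16 seeds; keep decryptions made only of A-Z and spaces."""
    hits = []
    for seed in range(2 ** 16):
        pt = xor(ciphertext, weak_pad(seed, len(ciphertext)))
        if all(c == 0x20 or 0x41 <= c <= 0x5A for c in pt):
            hits.append((seed, pt))
    return hits


if __name__ == "__main__":
    # Truly random pad: both messages are equally consistent with ct.
    ct = xor(MSG, secrets.token_bytes(len(MSG)))
    for guess in (MSG, DECOY):
        print(guess, "<- pad", pad_explaining(ct, guess).hex())

    # Weak pad: only 65536 pads are possible, and one gives readable text.
    weak_ct = xor(MSG, weak_pad(31337, len(MSG)))
    print(seeds_giving_text(weak_ct))
```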
