[Discuss] KeePassX
Richard Pieri
richard.pieri at gmail.com
Tue Aug 13 18:28:31 EDT 2013
Daniel Barrett wrote:
> In the absence of the 4096-bit private half of my key, how hard is it
> to decrypt the session key by brute force and thereby decrypt file
> Foo? Do the time arguments from this KeePass discussion apply?
That depends on the symmetric cipher used. CAST-128 (aka CAST5)
currently has no publicly known weakness so any attacks on the message
body would require an exhaustive search (brute force) on the session
key. This is a 128-bit key which is prohibitively expensive operation
for almost anyone (maybe not the NSA, we don't know for sure). RSA and
DSA likewise have no publicly known weaknesses so again it would require
an exhaustive search to recover the "master" key. As Ned pointed out,
RSA-4096 has an effective key space of 128 bits making it equally
expensive to perform an exhaustive search. DSA should be no worse than
RSA for this purpose.
So, barring weaknesses in either the symmetric or asymmetric ciphers
used, an attacker is stuck with an exhaustive search on a 128-bit key
space. That's probably good for a few years against anything less than
the NSA.
--
Rich P.
More information about the Discuss
mailing list