Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!rutgers!sri-unix!hplabs!hpcea!hpccc!hpl-opus!jewett
From: jewett@hpl-opus.HP.COM (Bob Jewett)
Newsgroups: sci.crypt
Subject: Re: New PubKey System Coming
Message-ID: <1090002@hpl-opus.HP.COM>
Date: Thu, 8-Jan-87 13:52:48 EST
Article-I.D.: hpl-opus.1090002
Posted: Thu Jan  8 13:52:48 1987
Date-Received: Fri, 9-Jan-87 21:33:29 EST
References: <3859@utcsri.UUCP>
Organization: HP Labs, Instrument Tech. Dept.
Lines: 27

> / sci.crypt / gwyn@brl-smoke.ARPA (Doug Gwyn ) /  8:56 am  Jan  7, 1987 /

> -		It is virtually impossible for an outsider to break the 
> -	decrypting key, which consists of a binary string of more than 1,000 
> -	characters, Mr. Vanstone said.
> -		"It would take more than a billion years, working with the 
> -	fastest computers available, to break just one key," he said.
> 
> I hope it is obvious to most readers of this newsgroup that
> the above claim is bullshit.

    Pretty strong statement, Doug.  Let's look a little closer...

    If they use RSA, and the product number (public key) is 1000 bits long,
    we can ask how log it would take to factor the public key, or
    alternatively, how much it would cost.  It presently costs about US$100000
    to factor a 100 digit number.  The cost increases by a factor of ten for
    each ten digits.  1000 bits is 300 digits, so the cost of factoring the
    public key would be US$10000000000000000000000000.  I think that's enough
    to deter even the NSA.  For a Cray 2, assuming a cost of operation of
    US$10Meg per year, this works out to 10^18 years.  This is > 1 billion.

    Of course there are some hazy points.  Do they use RSA, are there fast
    methods of breaking RSA (or factoring), is "1000 characters" actually
    1000 bits, is my cost estimate and scaling formula correct, etc?  The
    point is that Mr. Vanstone's statement, while unclear as quoted, is not
    unreasonable.