Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!mcnc!duke!srt From: srt@duke.UUCP (Stephen R. Tate) Newsgroups: sci.crypt Subject: Re: New PubKey System Coming Message-ID: <9041@duke.duke.UUCP> Date: Fri, 9-Jan-87 14:56:16 EST Article-I.D.: duke.9041 Posted: Fri Jan 9 14:56:16 1987 Date-Received: Sat, 10-Jan-87 02:11:33 EST References: <3859@utcsri.UUCP> <5490@brl-smoke.ARPA> Organization: Duke University CS Dept.; Durham, NC Lines: 33 In article <5490@brl-smoke.ARPA>, gwyn@brl-smoke.ARPA (Doug Gwyn ) writes: > - It is virtually impossible for an outsider to break the > - decrypting key, which consists of a binary string of more than 1,000 > - characters, Mr. Vanstone said. > - "It would take more than a billion years, working with the > - fastest computers available, to break just one key," he said. > > I hope it is obvious to most readers of this newsgroup that > the above claim is bullshit. A similar argument would lead > to the claim that Rubik's cube would take forever to solve. > > I personally have broken cryptosystems with longer keys. > There is more to cryptosystem strength than key length. I think everybody realizes that, and actually it is your notice that is bullshit. The original posting (which you even quoted) draws no comparison between key length and time to break the key. They are two different statements in different paragraphs. The way I read this is similar to the way I would read a statement on, say, the RSA protocol. Namely, breaking the RSA protocol has the same complexity as factoring a very large number. The fastest computer available today would take several billion years to factor such a large number, giving the security of the system. Clearly, nobody would consider an attempt at trying *all* keys (which would take considerably longer than a billion years for such a large key) as you seem to imply (with the statement about Rubik's Cube). -- Steve Tate UUCP: ..!{ihnp4,decvax}!duke!srt CSNET: srt@duke ARPA: srt%duke@csnet-relay