Re: Trillian Secure IM

On Thu, 11 Oct 2007 21:50:06 -0700
Bill Stewart <bill.stewartpobox.com> wrote:

> 
> > > | Which is by the way exactly the case with
SecureIM. How
> > > | hard is it to brute-force 128-bit DH ? My
"guesstimate"
> > > | is it's an order of minutes or even
seconds, depending
> > > | on CPU resources.
> 
> Sun's "Secure NFS" product from the 1980s had
192-bit Diffie-Hellman,
> and a comment in one of the O'Reilly NFS books says
that
>          "However, by 1990, advances in RISC
processors produced
>          workstation machines that could, by brute
force,
>          derive the private key from any public key in
under a day."
> but that in 1987 there were still a lot of Motorola
68010 machines
> that took several minutes to generate keys so they
didn't want it
> longer. I'm guessing that a 1990 RISC machine was
around 50 MIPS,
> so it's maybe 1/100 the speed of a modern single-core
CPU.
> 
> 128-bit DH sounds like as good a decision as using
40-bit RC4 keys
> would be today.
> 
It wasn't just brute force, it was math.

Article{         nfscrack, 
  author        = {Brian A. LaMacchia and Andrew M.
Odlyzko},
  journal       = {Designs, Codes, and Cryptography},
  pages         = ,
  title         = {Computation of Discrete Logarithms in
Prime Fields},
  volume        = ,
  year          = ,
  annote        = {Describes how the authors cryptanalyzed
Secure RPC.}
}



		--Steve Bellovin, http://www.cs.columbi
a.edu/~smb

------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography"
to majordomometzdowd.com