
Thread: Re: Trillian Secure IM




2007-10-13 17:28:07
To add to the reference, a preprint is available online at

  http://www.dtc.umn.edu/~odlyzko/doc/arch/prime.discrete.logs.pdf

A companion paper that was used crucially in the solution, "Solving
large sparse linear systems over finite fields," pp. 109-133 in
"Advances in Cryptology - CRYPTO '90," A. J. Menezes and S. A. Vanstone
(eds.), Springer Verlag, Lecture Notes in Computer Science #537 (1991)
is available at

  http://www.dtc.umn.edu/~odlyzko/doc/arch/sparse.linear.eqs.pdf

Andrew Odlyzko, http://www.dtc.umn.edu/~odlyzko

   


  > On Fri Oct 12, Steve Bellovin wrote:

  On Thu, 11 Oct 2007 21:50:06 -0700
  Bill Stewart <bill.stewartpobox.com> wrote:

  > 
  > > > | Which is by the way exactly the case with SecureIM. How
  > > > | hard is it to brute-force 128-bit DH ? My "guesstimate"
  > > > | is it's an order of minutes or even seconds, depending
  > > > | on CPU resources.
  > 
  > Sun's "Secure NFS" product from the 1980s had 192-bit Diffie-Hellman,
  > and a comment in one of the O'Reilly NFS books says that
  >          "However, by 1990, advances in RISC processors produced
  >          workstation machines that could, by brute force,
  >          derive the private key from any public key in under a day."
  > but that in 1987 there were still a lot of Motorola 68010 machines
  > that took several minutes to generate keys so they didn't want it
  > longer. I'm guessing that a 1990 RISC machine was around 50 MIPS,
  > so it's maybe 1/100 the speed of a modern single-core CPU.
  > 
  > 128-bit DH sounds like as good a decision as using 40-bit RC4 keys
  > would be today.
  > 
  It wasn't just brute force, it was math.

  Article{         nfscrack, 
    author        = {Brian A. LaMacchia and Andrew M. Odlyzko},
    journal       = {Designs, Codes, and Cryptography},
    pages         = ,
    title         = {Computation of Discrete Logarithms in Prime Fields},
    volume        = ,
    year          = ,
    annote        = {Describes how the authors cryptanalyzed Secure RPC.}
  }



  		--Steve Bellovin, http://www.cs.columbia.edu/~smb

 
---------------------------------------------------------------------
  The Cryptography Mailing List
  Unsubscribe by sending "unsubscribe cryptography" to majordomometzdowd.com
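Added example, not part of the original messages or of the cited papers: baby-step giant-step, a generic square-root discrete-log method (not the index-calculus technique LaMacchia and Odlyzko used), run against a Diffie-Hellman exchange over a constructed 32-bit toy modulus. It shows that even a generic method recovers a usable exponent in about sqrt(p) steps rather than p, which is why short DH moduli leave no margin; `P`, `G` and the private exponents are assumptions chosen for the demo.

```python
from math import isqrt

# Toy parameters constructed for this example (not from the thread).
P = 4294967291   # 2**32 - 5, the largest prime below 2**32
G = 2            # base used by both parties in the demo


def bsgs(g, h, p):
    """Return some x with pow(g, x, p) == h, or None if no such x exists.

    Writes x = i*m + j with m ~ sqrt(p) and meets in the middle, so the
    cost is about 2*sqrt(p) modular multiplications instead of p.
    """
    m = isqrt(p - 1) + 1
    baby = {}
    cur = 1
    for j in range(m):               # baby steps: table of g^j -> j
        baby.setdefault(cur, j)      # keep the smallest j for each value
        cur = cur * g % p
    step = pow(g, -m, p)             # g^(-m) mod p (Python 3.8+)
    gamma = h % p
    for i in range(m):               # giant steps: h * g^(-i*m)
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * step % p
    return None


def demo():
    """Run a toy DH exchange and recover the shared secret from public values."""
    a, b = 0x1234567, 0x89ABCDE      # private exponents (constructed)
    pub_a, pub_b = pow(G, a, P), pow(G, b, P)
    real_shared = pow(pub_a, b, P)   # what the two parties compute

    # An observer sees only G, P, pub_a, pub_b.
    x = bsgs(G, pub_a, P)            # any x with G^x == pub_a is enough
    recovered = pow(pub_b, x, P)     # (G^b)^x == (G^x)^b == pub_a^b
    return x, recovered, real_shared


if __name__ == "__main__":
    x, recovered, real_shared = demo()
    print(f"exponent found: {x:#x}, shared secret matches: {recovered == real_shared}")
```

The same meet-in-the-middle cost applied to a 128-bit modulus is on the order of 2^64 steps, and the index-calculus methods in the cited paper are asymptotically faster than that for prime fields.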
