Eggdev: blah blah

John johnny at technik.sth.ac.at
Sun Dec 6 20:09:41 CST 1998


<snip>

> anyways it has been shown that a keysize of 512 isnt even safe any more
and
> can be breaked in relative little time.

^^^^^^^^^^^^^^^

(btw, I dont even know what enc. stuff blowfish uses, so if this is off-
topic, you can just flame me... Ill forward it to bill-gates at microsoft.com
...)

PRESS RELEASE

CWI, Amsterdam - August 26, 1999

Security of E-commerce threatened by 512-bit number factorization

On August 22 1999, a team of scientists from six different countries, led by
Herman te

Riele of CWI (Amsterdam), found the prime factors of a 512-bit number, whose
size

models 95% of the keys used for protection of electronic commerce on the
Internet. This

result shows, much earlier than expected at the start of E-commerce, that
the popular

key-size of 512 bits is no longer safe against even a moderately powerful
attacker. The

amount of money protected by 512-bit keys is immense. Many billions of
dollars per

day are flowing through financial institutions such as banks and stock
exchanges.

The factored key is a model of a so-called "public key" in the well-known
RSA

cryptographic system which was designed in the mid-seventies by Rivest,
Shamir and

Adleman at the Massachusets Institute of Technology in Cambridge, USA. At
present,

this system is used extensively in hardware and software to protect
electronic data

traffic such as in the international version of the SSL (Security Sockets
Layer)

Handshake Protocol.

Apart from its practical implications, the factorization is a scientific
breakthrough: 25

years ago, 512-bit numbers (about 155 decimals) were thought virtually
impossible to

factor. Estimates based on the then-fastest known algorithms and computers
predicted

a CPU time of more than 50 billion (50 000 000 000) years.

The factored number, indicated by RSA-155, was taken from the "RSA Challenge
List",

which is used as a yardstick for the security of the RSA cryptosystem.

In order to find the prime factors of RSA-155, about 300 fast SGI and SUN
workstations

and Pentium PCs have spent about 35 years of computing time. The computers
were

running in parallel -- mostly overnight and at weekends -- and the whole
task was

finished in about seven calendar-months. ...

In addition, an essential step of the project which requires 2 Gbytes of
internal memory

has been carried out on the Cray C916 supercomputer at SARA (Academic
Computing

Centre Amsterdam).

Given the current big distributed computing projects on Internet with
hundreds of

thousands of participants, e.g., to break RSA's DES Challenge or trace
extra-terrestrial

messages, it is possible to reduce the time to factor a 512-bit number from
seven

months to one week. For comparison, the amount of computing time needed to
factor

RSA-155 was less than 2% of the time needed to break RSA's DES challenge.
...

The number and the found factors are:

RSA-155 = 109417386415705274218097073220403576120037329454492059909138-

421314763499842889347847179972578912673324976257528997818337970765372-

44027146743531593354333897

=

1026395928297411057720541965739916759007165678080380668033419335217907

11307779

*

1066034883801684548209272203600128786792079585759892915222706082371930

62808643




>
>
> John
>
> >
> > Also, I approved the two patches (the context bloat one, and the
> sharegreet
> > fix ..) however they dont seem to be coming through on the list ...
> *shrug*
> > .. if they dont come through within the next while, please resend, I
must
> > have goofed.
> >
> > Jeff
> >
> >
> > --
> > Jeff Fisher <guppy at eggheads.org>
> > guppy at Undernet - #eggdrop #borderlinesexaddicts
> >
> > "There is no programming language, no matter how structured,
> >  that will prevent programmers from writing bad programs."
> > -- L. Flon
> >
> >
> >
>
>





More information about the Eggdev mailing list