Eggdev: blah blah

John johnny at
Sun Dec 6 20:09:41 CST 1998


> anyways it has been shown that a keysize of 512 isnt even safe any more
> can be breaked in relative little time.


(btw, I dont even know what enc. stuff blowfish uses, so if this is off-
topic, you can just flame me... Ill forward it to bill-gates at


CWI, Amsterdam - August 26, 1999

Security of E-commerce threatened by 512-bit number factorization

On August 22 1999, a team of scientists from six different countries, led by
Herman te

Riele of CWI (Amsterdam), found the prime factors of a 512-bit number, whose

models 95% of the keys used for protection of electronic commerce on the
Internet. This

result shows, much earlier than expected at the start of E-commerce, that
the popular

key-size of 512 bits is no longer safe against even a moderately powerful
attacker. The

amount of money protected by 512-bit keys is immense. Many billions of
dollars per

day are flowing through financial institutions such as banks and stock

The factored key is a model of a so-called "public key" in the well-known

cryptographic system which was designed in the mid-seventies by Rivest,
Shamir and

Adleman at the Massachusets Institute of Technology in Cambridge, USA. At

this system is used extensively in hardware and software to protect
electronic data

traffic such as in the international version of the SSL (Security Sockets

Handshake Protocol.

Apart from its practical implications, the factorization is a scientific
breakthrough: 25

years ago, 512-bit numbers (about 155 decimals) were thought virtually
impossible to

factor. Estimates based on the then-fastest known algorithms and computers

a CPU time of more than 50 billion (50 000 000 000) years.

The factored number, indicated by RSA-155, was taken from the "RSA Challenge

which is used as a yardstick for the security of the RSA cryptosystem.

In order to find the prime factors of RSA-155, about 300 fast SGI and SUN

and Pentium PCs have spent about 35 years of computing time. The computers

running in parallel -- mostly overnight and at weekends -- and the whole
task was

finished in about seven calendar-months. ...

In addition, an essential step of the project which requires 2 Gbytes of
internal memory

has been carried out on the Cray C916 supercomputer at SARA (Academic

Centre Amsterdam).

Given the current big distributed computing projects on Internet with
hundreds of

thousands of participants, e.g., to break RSA's DES Challenge or trace

messages, it is possible to reduce the time to factor a 512-bit number from

months to one week. For comparison, the amount of computing time needed to

RSA-155 was less than 2% of the time needed to break RSA's DES challenge.

The number and the found factors are:

RSA-155 = 109417386415705274218097073220403576120037329454492059909138-









> John
> >
> > Also, I approved the two patches (the context bloat one, and the
> sharegreet
> > fix ..) however they dont seem to be coming through on the list ...
> *shrug*
> > .. if they dont come through within the next while, please resend, I
> > have goofed.
> >
> > Jeff
> >
> >
> > --
> > Jeff Fisher <guppy at>
> > guppy at Undernet - #eggdrop #borderlinesexaddicts
> >
> > "There is no programming language, no matter how structured,
> >  that will prevent programmers from writing bad programs."
> > -- L. Flon
> >
> >
> >

More information about the Eggdev mailing list