| Viewing Single Post From: The NSA May Read My Mail | |
|---|---|
| insecure | Oct 11 2005, 06:42 PM |
|
Elite member
  ![]](http://209.85.122.85/static/1/pip_r.png)
|
Don't worry about the user names: we guessed you folks were the same folk anyway (after all, the names were presumably similar on purpose). Computers can break Caesar and Vigenere ciphers trivially - and do. And they can break stuff more complicated than that, too. But only because a human has first worked out how to break them, and instructed the computer accordingly. You talk about "no limit" to the number of computers an adversary can have, but what you really mean is "lots". It is possible to design a cipher so that "lots" isn't enough - provided the algorithm is solid enough to hold off the cryppies. Take, for example, a 256-bit cipher. Let's pretend, for the sake of argument, that we can perform 1000000000000 trial decrypts per second on a single computer. We can't, but let's pretend we can. And let's say we want to guarantee to retrieve the plaintext in under 100 years. How many computers will we need? We have 3162400000 seconds to play with, which means we can try 3162400000000000000000 keys on a single computer during that 100 year period. (I have been generous to the attackers, and assumed that every year is a leap year.) How many possible keys are there? 115 792 089 237 316 195 423 570 985 008 687 907 853 269 984 665 640 564 039 457 584 007 913 129 639 936, that's how many. So the number of computers we need is the huge number divided by the large number. That turns out to be: 36 617 109 782 089 972 748 295 823 532 903 229 310 004 928 362 692 447 138 565 568 713 289. Let's assume (rather adventurously) that each of these computers occupies just a single millimetre cubed in volume. If we think of that as a cube shape, it's over 33000000000000000000 metres, or well over 3400 light-years, on a side. You see? If you get the algorithm right, and have a big enough key, it's simply not going to be brute-forced. And that means you need a human to figure out a weakness in the algorithm. Computers suck at that kind of thing. |
 |
|
| The NSA May Read My Mail · Debates | |
3:48 PM Nov 28
