# Chapter 7: Key Length

 Sana 11.12.2017 Hajmi 458 b.

• ## For a block cipher

• Cryptanalyst needs a small amount of ciphertext and the corresponding plaintext (known plaintext attack)
• Getting this plaintext and ciphertext is easy
• Just intercept standard header of an e-mail or a standard header of file formatted by a word processor
• ## Complexity

• For 64 bits, 264 keys possible
• Assuming a million keys a second, it will take 2285 years
• Algorithm must be secure so that there is no alternative to break any other way except using brute-force attack

• ## Michael Wiener (1995)

• Designed 56-bit DES cracking, specialized parallel processing machine for \$1 million, which can crack a key in 3.5 hours.
• Moore’s Law
• Computing power doubles approximately every 18 months, which means costs go down by a factor of 10 every 5 years
• \$1 million of machine of 1995 will cost \$10000 today
• Check table 7.1 for time estimates in 1995

• ## Using 200 million giant Cray mainframe-like computers, each performing a million encryptions per second

• To recover a 128-bit key would take a million times the age of the universe

• ## Annual output of our sun is about 1.21*1041 ergs

• enough to power 2.7*1056 single bit changes
• Enough to put a 187-bit counter through all its values
• Implies that 256-bit keys will be infeasible for cracking using brute-force attack

• ## Years 2005 -2010

• Individual: 1280 bits
• Corporation: 1536 bits
• Government: 2048 bits
• ## Year 2015

• Individual: 1536 bits
• Corporation: 2048 bits
• Government: 2048 bits

• ## Two brute-force attacks

• Given the hash of message, H(M), create another document M’ such that H(M) = H(M’)
• Find two random messages, M and M’ such that H(M) = H(M’)

• ## Assume the hash function produces an m-bit output

• Finding a message that hashes to a given hash value would require hashing 2m random messages
• Finding two messages that hash to the same value would require 2m/2 random messages
• ## Example, if you want to drop the odds of someone breaking to less than 1 in 280, use a 160-bit one-way hash function

Do'stlaringiz bilan baham:

Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2019
ma'muriyatiga murojaat qiling