Chapter 7: Key Length

 Sana 11.12.2017 Hajmi 458 b. • For a block cipher

• Cryptanalyst needs a small amount of ciphertext and the corresponding plaintext (known plaintext attack)
• Getting this plaintext and ciphertext is easy
• Just intercept standard header of an e-mail or a standard header of file formatted by a word processor
• Complexity

• For 64 bits, 264 keys possible
• Assuming a million keys a second, it will take 2285 years
• Algorithm must be secure so that there is no alternative to break any other way except using brute-force attack • Michael Wiener (1995)

• Designed 56-bit DES cracking, specialized parallel processing machine for \$1 million, which can crack a key in 3.5 hours.
• Moore’s Law
• Computing power doubles approximately every 18 months, which means costs go down by a factor of 10 every 5 years
• \$1 million of machine of 1995 will cost \$10000 today
• Check table 7.1 for time estimates in 1995 • Using 200 million giant Cray mainframe-like computers, each performing a million encryptions per second

• To recover a 128-bit key would take a million times the age of the universe • See table 7.2 for results • Annual output of our sun is about 1.21*1041 ergs

• enough to power 2.7*1056 single bit changes
• Enough to put a 187-bit counter through all its values
• Implies that 256-bit keys will be infeasible for cracking using brute-force attack • If you want your keys to remain secure for 20 years, 1024 bits is likely too short • Years 2005 -2010

• Individual: 1280 bits
• Corporation: 1536 bits
• Government: 2048 bits
• Year 2015

• Individual: 1536 bits
• Corporation: 2048 bits
• Government: 2048 bits • In general, choose a more secure public key length than your symmetric key length. Public keys stays longer • Two brute-force attacks

• Given the hash of message, H(M), create another document M’ such that H(M) = H(M’)
• Find two random messages, M and M’ such that H(M) = H(M’)

• Assume the hash function produces an m-bit output

• Finding a message that hashes to a given hash value would require hashing 2m random messages
• Finding two messages that hash to the same value would require 2m/2 random messages
• Example, if you want to drop the odds of someone breaking to less than 1 in 280, use a 160-bit one-way hash function Do'stlaringiz bilan baham:

Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©fayllar.org 2019
ma'muriyatiga murojaat qiling