applied cryptography - protocols, algorithms, and source code in c

# In the newspaper business todays secrets are

This preview shows page 1. Sign up to view the full content.

This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: length (in bits) of the number, so the number of trials required would be superexponential with the length of the numbers used—worse than factoring by trial division! So, while quantum factorization is an area of great academic excitement, it is extremely unlikely that it will be practical in the foreseeable future. But don’t say I didn’t warn you. 7.3 Comparing Symmetric and Public-Key Key Length A system is going to be attacked at its weakest point. If you are designing a system that uses both symmetric and public-key cryptography, the key lengths for each type of cryptography should be chosen so that it is equally difficult to attack the system via each mechanism. It makes no sense to use a symmetric algorithm with a 128-bit key together with a public-key algorithm with a 386-bit key, just as it makes no sense to use a symmetric algorithm with a 56-bit key together with a public-key algorithm with a 1024-bit key. Table 7.9 lists public-key modulus lengths whose factoring difficulty roughly equals the difficulty of a brute-force attack for popular symmetric key lengths. This table says that if you are concerned enough about security to choose a symmetric algorithm with a 112-bit key, you should choose a modulus length for your public-key algorithm of about 1792 bits. In general, though, you should choose a public-key length that is more secure than your symmetric-key length. Public keys generally stay around longer, and are used to protect more information. 7.4 Birthday Attacks against One-Way Hash Functions There are two brute-force attacks against a one-way hash function. The first is the most obvious: Given the hash of message, H(M), an adversary would like to be able to create another document, M´, such that H(M) = H(M´). The second attack is more subtle: An adversary would like to find two random messages, M, and M´, such that H(M) = H(M´). This is called a collision, and it is a far easier attack than the first one. Table 7.9 Symmetric and Public-key Key Lengths with Similar Resistances to Brute-Force Attacks Symmetric Key Length 56 bits Public-key Key Length 384 bits 64 bits 80 bits 112 bits 128 bits 512 b...
View Full Document

{[ snackBarMessage ]}

Ask a homework question - tutors are online