Unformatted text preview: length (in bits) of the number, so the number of trials required would be superexponential with the length of the numbers used—worse than factoring by trial division! So, while quantum factorization is an area of great academic excitement, it is extremely unlikely that it will be practical in the foreseeable future. But don’t say I didn’t warn you. 7.3 Comparing Symmetric and PublicKey Key Length
A system is going to be attacked at its weakest point. If you are designing a system that uses both symmetric and publickey cryptography, the key lengths for each type of cryptography should be chosen so that it is equally difficult to attack the system via each mechanism. It makes no sense to use a symmetric algorithm with a 128bit key together with a publickey algorithm with a 386bit key, just as it makes no sense to use a symmetric algorithm with a 56bit key together with a publickey algorithm with a 1024bit key. Table 7.9 lists publickey modulus lengths whose factoring difficulty roughly equals the difficulty of a bruteforce attack for popular symmetric key lengths. This table says that if you are concerned enough about security to choose a symmetric algorithm with a 112bit key, you should choose a modulus length for your publickey algorithm of about 1792 bits. In general, though, you should choose a publickey length that is more secure than your symmetrickey length. Public keys generally stay around longer, and are used to protect more information. 7.4 Birthday Attacks against OneWay Hash Functions
There are two bruteforce attacks against a oneway hash function. The first is the most obvious: Given the hash of message, H(M), an adversary would like to be able to create another document, M´, such that H(M) = H(M´). The second attack is more subtle: An adversary would like to find two random messages, M, and M´, such that H(M) = H(M´). This is called a collision, and it is a far easier attack than the first one. Table 7.9 Symmetric and Publickey Key Lengths with Similar Resistances to BruteForce Attacks Symmetric Key Length 56 bits Publickey Key Length 384 bits 64 bits 80 bits 112 bits 128 bits 512 b...
View
Full Document
 Fall '10
 ALIULGER
 Cryptography, Bruce Schneier, Applied Cryptography, EarthWeb, Search Search Tips

Click to edit the document details