Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.security.pgp.discuss > #196
| From | Collin <collin@sibilance.org> |
|---|---|
| Newsgroups | comp.security.pgp.discuss, sci.crypt |
| Subject | Re: Does the NSA cracking include PGP? |
| Date | 2013-09-11 10:30 -0400 |
| Organization | A noiseless patient Spider |
| Message-ID | <l0pupd$mib$1@dont-email.me> (permalink) |
| References | <PzIXt.35312$Fo7.27573@fx19.iad> <38a108077f6a06e4509b541d44f0858d@dizum.com> |
Cross-posted to 2 groups.
On 09/11/2013 09:52 AM, Nomen Nescio wrote: > On 9/10/2013 11:22 AM, Ramon F Herrera wrote: >> >> I have seen several articles about the NSA+British intel "news". They >> mention all the relevant protocols but PGP is conspicuously absent. >> >> http://www.zdnet.com/has-the-nsa-broken-ssl-tls-aes-7000020312/?s_cid=e539&ttag=e539 >> >> >> Is it perhaps because PGP is based on one of the others? >> >> TIA, >> >> -Ramon >> > pgp dose have a a problem for security > > it is based on LARGE prim numbers all one would have to do is build a > list of all primes that could fit in the list (Brute force) then keep > that list and do a dictionary attack on the file encrypted. With public > key they have one half of the problem with a know test file it could run > the dictionary attack on the out put file. This would take about > 2-3hours after you build the dictionary. > > I suspect they have that done already back in 2000 when it was no longer > kept from Export. > > but it still works for most corporations. > > One fix for this would be use a number base that is non standard ie one > slot can be 0 - 38424345 (that would be A Random number) What that would > do is change the prim numbers for all number bases have different prime > numbers. > Literally none of this is true, except that PGP uses RSA, which involves large prime numbers. A brute force attack by listing prime numbers is nowhere near the most efficient attack against RSA, and would take an unimaginably long time to perform. -- 17s2p7eIhnUIiAWFnm5Wwj34ywefxtYcP5eBuYBl05B/FDMu3GNFVxi8sh4Z 7AyvzES2Qxo1qofLIxjyE7lNpvrX0aR7vLq5/VE4V65p/eO4Uef58T7/HNZV P+KzjVPTsbJuOShguELet42BT17wGYqCedSNHlfg2/SH4SHqlIQOF9Qk9BmE it5vKqBJyrIRXbCOYD5QC8HFllNnWtuWZPBP4a268Of8em7D/HHtj5RLnY+C SS2xfeSp+DuTKI7wX495USwZRxn+SBnMdplk4n+4sqaYSxQlskdxVfczSU9e 2YlbEEdmN1chpzSBgmMoi8N0UNnd/cYnvuN/UmquYg==
Back to comp.security.pgp.discuss | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Does the NSA cracking include PGP? Ramon F Herrera <ramon@conexus.net> - 2013-09-10 12:22 -0500
Re: Does the NSA cracking include PGP? unruh <unruh@invalid.ca> - 2013-09-10 18:21 +0000
Re: Does the NSA cracking include PGP? "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2013-09-11 03:18 -0400
Re: Does the NSA cracking include PGP? Juergen Nieveler <juergen.nieveler.nospam@arcor.de> - 2013-09-15 14:37 +0000
Re: Does the NSA cracking include PGP? Nomen Nescio <nobody@dizum.com> - 2013-09-11 15:52 +0200
Re: Does the NSA cracking include PGP? Collin <collin@sibilance.org> - 2013-09-11 10:30 -0400
Re: Does the NSA cracking include PGP? unruh <unruh@invalid.ca> - 2013-09-11 15:38 +0000
csiph-web