GoogleIt Mail IT Print IT PermaLink307 Digit Number (1023 bits) Factored!
08:46:51 PM

Via Bruce Schneier: a link to A Mighty Number Falls.

The international team factored the current 307-digit behemoth using the "special number field sieve," a method devised in the late 1980s by Lenstra (then at Bellcore), his brother Hendrik, then a professor at UC Berkeley, English mathematician John Pollard and Mark Manasse from DEC. The 11-month job took a century of computer time.

Translate that "11 month job took a century" to mean that this factorization ran on a cluster with 100 or more CPUs for the 11 months.

What does this mean to users of Lotus Notes -- the largest installed base of PKI in the world? The "century", plus the fact that the number in question was "special" (and therefore some optimizations could be used that would not be available for an ordinary 1024 bit RSA key), means it will still take considerably more investment than 100 CPUs for a year to crack an arbitrary 1024 bit RSA key, so Notes 7's 1024 bit keys are still secure... mostly. At this point they can still be assumed to be secure against anyone except a government intelligence agency, but not for long. And if you haven't upgraded to 7 yet and have not upgraded your keys, well... you really do need to think about it.

Clearly, I was pretty far off the mark when I said of the increase in key size to 1024 bits in Notes 7 "As a rule of thumb, for every ten bits you add to an RSA key, the time to crack it doubles, so the extra 394 bits that you can gain from and ND7 upgrade should push the practical security window for Notes and Domino authentication and encryption out past 20 years again." It took nine years to get from factoring a "special" 640 bit number to an ordinary one. It won't take that long this time. Between Moore's Law and advances in factoring algorithms, I wouldn't even bet on it taking three years. Then maybe another five years before the cost and time factors come down to the point where a determined corporate spy could afford the effort. So maybe it's more like eight years. That seems like a pretty long time, but I know I've got encrypted data twice that old sitting on my hard drive. How about you?

The good news is that Lotus Notes 8 supports rollover to 2048 bit keys, and Notes 7 is forward compatible to that. I'm not sure if the 2048 bit support is ready in the current beta, but it's worth looking into.

This page has been accessed 154 times. .
Comments :v

1. Bruce Perry05/21/2007 10:17:08 PM

Moore's law has been steady for quite a while, but how about advances in factoring? That seems more like it would advance in fits and starts.

2. Richard Schwartz05/21/2007 10:33:44 PM

I think advances in cluster-based parallel computing probably have a good bit to do with the accelerated pace.

3. vesoftware11/05/2013 10:12:18 PM

Agen Bola Promo 100% SBOBET IBCBET Casino Poker Tangkas Online
ITUPOKER.COM AGEN POKER ONLINE INDONESIA TERPERCAYA : Toko belanja online murah, Promo heboh jual barang hanya Rp 1,-

4. generic_cialis09/08/2016 07:02:16 AM

Hello! , ,

5. cheap_cialis02/14/2017 01:07:43 AM

Order Cheap , for Affordable Prices on Your Prescriptions!

6. leilei391502/28/2017 02:24:20 AM

20170228 leilei3915

7. zzzzz02/28/2017 08:46:44 PM

Enter Comments^

Email addresses provided are not made available on this site.

You can use UUB Code in your posts.

[b]bold[/b]  [i]italic[/i]  [u]underline[/u]  [s]strikethrough[/s]

URL's will be automatically converted to Links

:-x :cry: :laugh: :-( :cool: :huh: :-) :angry: :-D ;-) :-p :grin: :rolleyes: :-\ :emb: :lips: :-o
bold italic underline Strikethrough

Remember me    

Monthly Archive
Responses Elsewhere

About The Schwartz


All opinions expressed here are my own, and do not represent positions of my employer.