Slashdot Mirror

← Back to Stories (view on slashdot.org)

RSA-576 Factored

Posted by michael on from the long-division dept.

An anonymous reader writes "I thought Slashdot would have picked this up several days ago, but apparently not. Although you still won't see any mention of it on the RSA challenge site, Mathworld is carrying the news that a team at the German Bundesamt fur Sicherheit in der Informationstechnik submitted a factorization of RSA-576 on December 3. RSA-576 is the smallest challenge number that RSA Security offers a cash prize for, to the tune of $10,000"

10 of 321 comments (clear)

  1. Re:I think my form of encryption is better by cgranade · · Score: 4, Insightful

    I don't know... maybe...
    u sib;r jbiq (shifted all the keys to the left.)

    Seriously, though, all of these ciphers can be broken. It's just a task of minimizing the value to the cracker by making it take as long as possible to get the data, under the thought that it just won't be worth the time.

    --

    #define DRM chmod 000

  2. Re:Is 576bit big? by Anonymous Coward · · Score: 1, Insightful

    When you refer to 128 bit, that gerearlly is symmetric key Encryption (as in session key), and yes its still very hard to break via brute force.

    When you refer to 1024 bit, this is generally asymmetric (as in public/privite key)

    Two very different scales. I assume the 576bit is also refering to the latter which means the key is about half as long as the current standard.

    Note that half the key length does NOT mean half as hard - think binary

    sorry for any spelling errors;-)

  3. Re:Is 576bit big? by mattjb0010 · · Score: 3, Insightful

    Well, there is no uncrackable code

    except for a correctly used one-time pad.

  4. Re:Hmmm. Complexity vs. Cash by TedCheshireAcad · · Score: 4, Insightful

    Well, the computational complexity of the General Number Field Sieve is:

    O(exp(c*log(n)^(1/3)*log(log(n))^(2/3)))
    where the value of c is reflected by the specific flavor of the NFS you're using, but in each case c>1

    I don't know the complexity of RC5, but I can imagine it's not exponential like the NFS.

  5. Re:I think my form of encryption is better by wurp · · Score: 4, Insightful

    Sure, all codes (except one time pads and equivalents) can be broken. The difference is whether it takes a day to crack the code or it can be proven that it requires either a centuries-sought breakthrough in mathematics or all the computers in the world working for ten thousand years.

    I don't know how you feel about it, but quantitative differences on those scales qualify as qualitative differences to me. Your 2048 bit PGP key simply isn't crackable by any reasonable standard. The reason people succeed at these challenges is because the bar has been set intentionally low.

  6. Re:Is 576bit big? by LnxAddct · · Score: 2, Insightful

    not too mention that currently factoring a 512 bit key will still take months, if not years. If someone is willing to put all that money and effort into cracking your key then you've got worse problems on your hands, I'd recommend buying a gun. My point is that just because one key was factored of that length, doesn't mean it is all the sudden faster or easier, it just means that a group of people put alot of effort, money, and thinking into one number and were able to factor that one number. They can't go around factoring 512 bit numbers at their whim now, these things still take time, and alot of it.

  7. Post Quantum Crypto by Multics · · Score: 2, Insightful
    Perhaps I should submit this as an Ask Slashdot instead of a comment here, but what happens when the quantum computers make breaking these things easy? (I'll leave out the word trivial since I can't imagine quantum computing being trivial anytime soon.)

    What will be the face of the next from of Crypto? Only one-time pads? That sounds way painful.

    -- Multics

    1. Re:Post Quantum Crypto by Nasarius · · Score: 2, Insightful

      Go read Bruce Schneier ("Applied Cryptography"). He basically proves that it would require insane amounts of energy at near-perfect efficiency to even iterate through every possible 256-bit number. No, your 256-bit symmetric keys and maybe 4096-bit asymmetric keys are quite safe from brute force attacks, forever. That's just the laws of physics.

      --
      LOAD "SIG",8,1
  8. Re:Mersenne Primes by nihilogos · · Score: 4, Insightful

    Algorithm for increasing karma:

    1. Read first paragraph of article.

    2. Find first occurence of technical term.

    3. Look up definition of said technical term on google.

    4. Cut and paste definition then post on relevent slashdot forum.

    The best part is, you can do all this without actually knowing anything about the topic!

    --
    :wq
  9. Re:I think my form of encryption is better by hugesmile · · Score: 2, Insightful
    It's just a task of minimizing the value to the cracker by making it take as long as possible to get the data, under the thought that it just won't be worth the time.

    Why do people always assume that code-breakers will be White Guys?