A Mighty Number Falls
space_in_your_face writes "An international team has broken a long-standing record in an impressive feat of calculation. On March 6, computer clusters from three institutions (the EPFL, the University of Bonn, and NTT in Japan) reached the end of eleven months of strenuous calculation, churning out the prime factors of a well-known, hard-to-factor number — 2^1039 - 1 — that is 307 digits long." The lead researcher believes "the writing is on the wall" for 1024-bit encryption. "Last time, it took nine years for us to generalize from a special to a non-special hard-to-factor number (155 digits). I won't make predictions, but let's just say it might be a good idea to stay tuned."
Hang on, I'm working on it. I'll get back to you.
governments. Who, incidentally, are the prime targets for using encryption against.
FGD 135
2^1039-1=
1159420574 0725730643698071 48876894640753899791 70201772498686835353882248385
9966756608 0006095408005179 47205399326123020487 44028604353028619141014409345
3512334712 7396798885022630 75752809379166028555 10550042581077117617761009413
7970787973 8061870084377771 86828680889844712822 00293520180607475545154137071
1023817
factors:
5585366661 9936291260 7492046583 1594496864
6527018488 6376480100 5234631985 3288374753
×
2075818194 6442382764 5704813703 5946951629
3970800739 5209881208 3870379272 9090324679
3823431438 8414483488 2534053344 7691122230
2815832769 6525376091 4101891052 4199389933
4109711624 3589620659 7216748116 1749004803
6597355734 0925320542 5523689
(spaces added because of lameness filter)
I understand that they'll be able to crack 1024, but still, 3 years to see my e-mails. It's not worth it for them. Now when they got it down to 3 hours I'll be worried, but by then we'll probably be using 4096.
True, but what you need to think about is forward secrecy.
There are lots of things being transmitted today that are still going to be in use three years from now. For example, think of financial information: if you use an encryption standard that's acceptable right now, but can be broken in three years (or, is trivially breakable in three years due to increases in computer power or techniques), then you're in trouble, because some of that information is still going to be sensitive/valuable in three years. The fact that you'll be using 4096 bits then doesn't matter, if someone grabs it now and crunches on it for a while. Same with identification numbers (SSNs, etc); if I grab a batch of numbers today, most of them will probably still be good in ten or fifteen years, and some of them will still be good in 30 or 40. That's how far out you need to be thinking when choosing an encryption standard for that data.
There are some things where only immediate security matters (transmitting big session keys that get thrown away a few hours or minutes later), but many other things -- and I think general file encryption falls into this category -- where it's hard to predict for how long the encrypted information might be sensitive or valuable.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Adi Shamir designed one already. Instead of 11 months, it takes 12--but it could (in theory) factor any 1024-bit number.
for the love of god, please tell me you got those numbers from the results of the project
http://xkcd.com/c257.html
Navajo code is pretty easy to crack.
This
Yes, the RSA algorithm for public key encryption is based on the difficulty of factoring very large numbers. The key size is the number of bits in the number that has to be factored to break the encryption. Many of the modern security systems, including Verisign certificates for secure websites, are based on RSA encryption, and 1024 is a very common key size in use. Thus the ease of factoring 1024-bit numbers would indeed be a matter of concern.
RSA 101.
There are actually three prime factors; the two you listed, and the small factor 5080711. Thus:
2^1039-1 = 5080711 * 5585366661993629126074920465831594496864652701848 8 637648010052346319853288374753 * 20758181946442382764570481370359469516293970800739 52098812083870379272909032467938234314388414483488 25340533447691122230281583276965253760914101891052 41993899334109711624358962065972167481161749004803 659735573409253205425523689
is the correct factorization, as can be readily verified.
Also:
http://www.heise.de/english/newsticker/news/90031
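The three-factor split stated in the comment above, checked as an added example that is not part of the original post: the digit strings are copied from that comment with the poster's spaces left in, and the names `to_int`, `is_probable_prime` and `check_factorization` are illustrative. Besides the product, it runs a fixed-base Miller-Rabin test on each factor and checks that each is congruent to 1 modulo 2·1039, which every prime divisor of 2^p - 1 with p an odd prime must satisfy.

```python
import math

# Added example; digit strings copied from the comment above (spaces kept), names are illustrative.
P7 = "5080711"
P80 = "5585366661993629126074920465831594496864652701848 8 637648010052346319853288374753"
P227 = ("20758181946442382764570481370359469516293970800739 "
        "52098812083870379272909032467938234314388414483488 "
        "25340533447691122230281583276965253760914101891052 "
        "41993899334109711624358962065972167481161749004803 "
        "659735573409253205425523689")

def to_int(digits):
    """Drop the spaces the poster inserted and parse the decimal string."""
    return int("".join(digits.split()))

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin with fixed bases: a real prime always passes."""
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def check_factorization(exponent, factor_strings):
    """Return a dict of checks for a claimed factorization of 2^exponent - 1."""
    factors = [to_int(s) for s in factor_strings]
    return {
        "digits": [len(str(f)) for f in factors],
        "product_matches": math.prod(factors) == (1 << exponent) - 1,
        "all_probable_primes": all(is_probable_prime(f) for f in factors),
        # Any prime q dividing 2^p - 1 (p an odd prime) has q = 1 mod 2p.
        "mersenne_form": all(f % (2 * exponent) == 1 for f in factors),
    }

RESULT = check_factorization(1039, [P7, P80, P227])
```

Passing only the two large factors to `check_factorization` makes `product_matches` false, which is the omission the reply points out.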
Hey, that's the same combination I have on my luggage!
The Navajo language basically served as a one time pad in WWII
No, they served as code-talkers. A one-time pad is a system whereby every bit of the encryption key is independent of the others (never reused, unlike codewords) and entropy is maximal. Simply translating stuff from one word to another is simple substitution, a simple code.
The reason Navajo Code Talkers were successful wasn't because the scheme was particularly advanced. In fact, it would have been computationally trivial to break. However the messages relayed were only ever "tactical" in nature; i.e. communications in the field, of use during a fight, but old news in about 10 minutes. Had Navajo code talking been used to relay top-secret messages, it would have been broken fairly quickly. The reason for its success was that it was extremely cheap to implement for the US, and the secrets protected weren't valuable enough to spend huge effort on breaking. Economics, rather than mathematics.
Navajo wasn't used in Europe, because Germany had sent anthropologists to the US to learn native languages, anticipating precisely this scheme.
SCO employee? Check out the bounty
No, he just works for the NSA.
Really it's not that bad of an idea. Create something that looks like image spam. Hide the encrypted information using steganography in the image, and send it out to millions of people, including the intended recipient. Everybody except the intended recipient deletes the message. It makes it harder to track down who you are communicating with, and harder to find out which messages actually contain useful information. It's similar to in olden days when they used to put a secret message in the classifieds of the newspaper. Only the people who know that it was supposed to be there could actually get the hidden message, but it was there for everyone to see.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
Not sure if this is a new idea, but this topic got me thinking. Decrypting something is really just a mathematical transform. We say it's "decrypted" if the end result "makes sense". But what if we didn't know what the final data should look like? How would we ever know it was decrypted?
Decryption itself only makes sense once we know what method was used, i.e. RSA, DES, Blowfish etc. However what if that algorithm itself was dynamic and formed part of the encryption? Sort of like a more generalised version of onion encryption, i.e. encrypting the same content a number of times using different algorithms. So that the algorithms used and the sequence in which they are used form a sort of "meta-key".
(forgive me, I love quantum-related jokes... ^_~) Yes.
(forgive me, I love logic-related jokes
The Tao of math: The numbers you can count are not the real numbers.
in fact you have about a 1 in 300 chance of pulling 1024-bit prime out of your ass
Wow, now *that* is a cool trick!
This has already been done as early as 10 years ago.
I was working in Eastern Europe on a now unclassified project, working against a low budget illegal foreign intelligence agency. They were selling and distributing porn CDs and DVDs with thousands of pictures, one or more of which would contain an encrypted steganographic message. Their contact would purchase the DVD at one of hundreds of little markets, and decrypt the proper image(s).
It was really quite a good plan. Not only were there many possible valid messages to one or more agents, but there were also an unknown number of false messages, they may even have been all false messages that could only be put together by inference. However, since they were encrypted with PGP, we never were able to break that particular system before I left the project.
The real genius of the plan was that it brought them in some much needed cash as well.
The television will not be revolutionized.
Perhaps you should see the Prime Number Shitting Bear.
Originally at http://www.primenumbershittingbear.com/ but that's long dead, so I dug it out of the Wayback Machine and put it up at http://rpresser.googlepages.com/primenumbershittingbear.html . Enjoy.