[A83] Re: apps


On Wed, 18 Apr 2001, David Phillips wrote:

> The application has to be signed with TI before the calculator will accept
> it.  Digital signatures are a part of public-private key encryption.  A very
> good explanation is the document that comes with PGP.  Essentially, this is
> how it works: a private key is generated.  The longer the key, the harder it
> is to break.  Web browsers that use SSL either use 40, 56 or 128 bit keys.
> Keys used for SSH usually are 1024 or 2048 bit.

In most actual uses for secure communication, the public/private key
cryptography is not the only thing used, but instead is used in
combination with a regular one-key system (in which both people must know
the same key to encrypt and decrypt with); the public/private key system
is only used to transmit the key for this encryption.  See the following:

http://www.rsasecurity.com/rsalabs/faq/3-1-7.html

Note that the 40, 56, and 128 bit sizes are the sizes of the keys for the
one-key encryption, while the 1024 and 2048 are for the public/private
keys.  These two sets of key sizes can't be compared directly; see
the bottom of this:

http://www.rsasecurity.com/rsalabs/faq/3-1-5.html

> Even breaking 40 bit encryption would be beyond the power of an
> ordinary person, and breaking 128 bit could only be done by the NSA or
> other organizations with an immense amount of computing power, such as
> federal governments or Microsoft.  I believe that the calculator uses
> 512 bit encryption.  So having thousands of people all over the
> internet work together in breaking it would not work this time (there
> was a contest where this was done to break 128 bit encryption, and I
> believe it took a year and a half).

Strangely enough, the FAQ from RSA (who supplied the encryption for TI) at
this address has several interesting things to say regarding 512-bit
encryption:

http://www.rsasecurity.com/rsalabs/faq/3-1-5.html

In particular, note the following quote:

"This means that 512-bit keys no longer provide sufficient security for
anything more than very short-term security needs."

Also see the following on a contest to factor 512-bit numbers (essentially
breaking a 512-bit key), which was completed in seven months using 300
PCs, in 1999:

http://www.rsasecurity.com/rsalabs/faq/2-3-6.html
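
The point above that symmetric and public/private key sizes can't be compared directly can be made concrete with a rough work estimate. This is an added example, not part of the original message: it assumes the standard heuristic running time of the general number field sieve for factoring (with the o(1) term dropped) and plain exhaustive search for symmetric keys, and the function names are hypothetical.

```python
import math

# Key sizes mentioned in the thread (bits).
SYMMETRIC_BITS = (40, 56, 128)
RSA_MODULUS_BITS = (512, 1024, 2048)


def gnfs_work_bits(modulus_bits: int) -> float:
    """log2 of the heuristic GNFS cost to factor a modulus of this size.

    Uses exp(c * (ln n)^(1/3) * (ln ln n)^(2/3)) with c = (64/9)^(1/3).
    The o(1) term is dropped, so treat the result as a rough estimate.
    """
    ln_n = modulus_bits * math.log(2)
    c = (64 / 9) ** (1 / 3)
    ln_cost = c * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return ln_cost / math.log(2)


def symmetric_work_bits(key_bits: int) -> float:
    """log2 of the exhaustive-search cost: all 2^k keys in the worst case."""
    return float(key_bits)


def rank_by_work():
    """Return (label, work_bits) pairs sorted from weakest to strongest.

    The two kinds of "operation" are not the same unit of work, so the
    ranking only shows the order of magnitude, not an exact equivalence.
    """
    rows = [(f"symmetric-{k}", symmetric_work_bits(k)) for k in SYMMETRIC_BITS]
    rows += [(f"rsa-{b}", gnfs_work_bits(b)) for b in RSA_MODULUS_BITS]
    return sorted(rows, key=lambda row: row[1])


if __name__ == "__main__":
    for label, bits in rank_by_work():
        print(f"{label:>14}  ~2^{bits:.1f} operations")
```

By this estimate a 512-bit public/private key lands near a 64-bit symmetric key, and a 2048-bit one still ranks below a 128-bit symmetric key.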



