Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.off-topic : There's something wrong about... : Re: There's something wrong about... Server Time
30 Jul 2024 02:23:09 EDT (-0400)
  Re: There's something wrong about...  
From: Le Forgeron
Date: 6 May 2011 09:07:35
Message: <4dc3f297@news.povray.org>
 
Le 06/05/2011 10:12, Invisible a écrit :
> On 06/05/2011 08:38, Le_Forgeron wrote:
> 
>> Private key and public key are the mirror of each other.
>> If you crypt with the public key, only the private key can get it back
>> in clear.
>> If you crypt with the private key, only the public key ... and so on.
> 
> This is true of algorithms like RSA. However, there are algorithms where
> the encryption and decryption keys are actually in different formats,
> and it is only possible to encrypt with the designated encryption key.
> 

Agreed. Notice the "if" at the start of the lines, please.

>> The usual private-public key's algorithms allow only to compute the
>> public key from the private key, at best.
>> If the private key was computable from the public key alone, it wouldn't
>> be private any more.
> 
> You understand that in principle, it is *always* possible to compute the
> private key from the public one, right? It is impossible to prevent
> this. All you can do is make it ludicrously expensive to do it.

It is always possible to *find by exhaustive exploration* of the key
space a private key that would match a public key. But that is not
computation.
Computation implies a better algorithm than "try key, generate next key,
repeat".


> 
>> For instance DES is weak enough, yet 3DES in some modes (such as Crypt
>> with key 1, uncrypt with key 2, crypt again with key 3) is assumed
>> strong enough as long as key2 is not key1 or key3 (moreover, DES use an
>> internal vector, and some mode propagate/share that vector with the 3
>> stages, whereas other modes have their own vector for each stage).
> 
> AES exists for a reason. Triple DES is subject to meet-in-the-middle
> attacks, and its keyspace is only 168 bits anyway. The keyspace of AES
> is potentially much bigger, and in general it is considered far more
> secure than any modification of DES.

DES was used as an illustration. Moreover, the 3*56 bits of 3DES have a
lower entropy (so, 3*56 bits is *not* 168, at least in cryptography) due
to issue in the model.

I agree that there is better than 3DES, but it is one of the few
algorithms required (and then accepted) everywhere which also can have
dedicated hardware.



-- 
Software is like dirt - it costs time and money to change it and move it
around.

Just because you can't see it, it doesn't weigh anything,
and you can't drill a hole in it and stick a rivet into it doesn't mean
it's free.


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.