[Cryptography] WhatsApp: Why asymmetric key instead of symmetric keys?

Phillip Hallam-Baker phill at hallambaker.com
Thu Apr 28 11:08:43 EDT 2016


On Wed, Apr 27, 2016 at 11:18 PM, Ismail Kizir <ikizir at gmail.com> wrote:

> >>What problem would that solve?  The asymmetric keys work fine.
>
> I also thought about using curve25519.
> I downloaded it. Tested it. It is really simple to use.
> But only a 256-bit key space??
> You are developing a "new" algorithm in 2016; and you are using a
> fixed 256-bit key space.
> It's surely enough for 99 percent of attackers. But, I am not sure
> about resourceful attackers in the long term.
>

The work factor is well over 2^128 which is the baseline for security these
days. The IETF is currently adding support for Curve25519 and Curve448 to
all their active security protocols.

Curve448 offers a work factor believed to be greater than 2^256, which is
the highest we bother with, that being of the order of the number of atoms
in the universe.



> Personal privacy is a very important subject.
> A lot of people think about criminal cases.
> I think about mass surveillance, storage and future decryption.
> One day, one of our children will be the president and the other one
> will be prime minister. It will be 20-30 years later.
> I don't want, when that day comes, someone resourceful who stored all
> "most private" information about our children to decipher all that
> information and use it against our children.
> Every detail, from the first innocent love declaration to the most
> intimate secrets, is transmitted via messaging applications nowadays.
> Maybe, I am ignorant, or paranoid. Maybe.
> But I always prefer using strong symmetrical algorithms with a large
> enough key space whenever possible.
>

I don't plan to use Curve25519 for stored data encryption or long term
authentication credentials. I will use Curve448.

That said, we have a much bigger problem with public key systems in general
and quantum computing. We have to start planning a fallback in case they
fail.

At this point it seems most likely that someone will find a way to build a
sufficiently large quantum computer to break RSA before they manage the
next breakthrough in number theory to break public key systems
algorithmically or the computers get fast enough to break RSA2048.
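The "256-bit key but 2^128 work factor" point, and the quantum caveat in the last paragraph, are easier to see with numbers. The following is an added example (not from the thread or either poster) that compares the cost of the best generic classical attack on an elliptic-curve group (Pollard rho, about the square root of the subgroup order) with exhaustive search of a symmetric key, classically and with Grover's quadratic speed-up. The subgroup bit lengths are the approximate sizes from RFC 7748 (2^252 for Curve25519, 2^446 for Curve448); the 10^80 atom count and the 10^18 operations-per-second rate are assumed yardsticks, not measurements.

```python
from math import log2

# Approximate bit length of the prime-order subgroup of each RFC 7748 curve
# (Curve25519's order is about 2^252, Curve448's about 2^446).
CURVE_ORDER_BITS = {"Curve25519": 252, "Curve448": 446}

# Assumed yardstick: the commonly quoted rough estimate of 10^80 atoms in
# the observable universe, expressed as a power of two (about 2^265.75).
ATOMS_IN_UNIVERSE_BITS = log2(10 ** 80)

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def ecdlp_work_factor_bits(order_bits: int) -> float:
    """Generic discrete-log attack (Pollard rho) on a group of order ~2^b
    needs about 2^(b/2) group operations, so a 'b-bit curve' gives b/2 bits."""
    return order_bits / 2


def symmetric_work_factor_bits(key_bits: int, quantum: bool = False) -> float:
    """Exhaustive search of a k-bit symmetric key costs 2^k trials classically;
    Grover's algorithm reduces this to roughly 2^(k/2) on a large quantum
    computer (which is why 256-bit symmetric keys are the post-quantum choice)."""
    return key_bits / 2 if quantum else key_bits


def exceeds_atoms_in_universe(work_bits: float) -> bool:
    """True when 2^work_bits operations exceed the assumed atom count."""
    return work_bits > ATOMS_IN_UNIVERSE_BITS


def years_to_exhaust(work_bits: float, ops_per_second: float) -> float:
    """Wall-clock years needed to perform 2^work_bits operations at a given
    rate; the default caller rate below (10^18/s) is an assumed figure."""
    return (2.0 ** work_bits) / ops_per_second / SECONDS_PER_YEAR


def compare(curve: str, symmetric_key_bits: int) -> dict:
    """Summarise classical and quantum work factors for one curve and one
    symmetric key size. Shor's algorithm solves ECDLP in polynomial time,
    so the curve offers no meaningful quantum security at all."""
    order_bits = CURVE_ORDER_BITS[curve]
    return {
        "curve": curve,
        "ec_classical_bits": ecdlp_work_factor_bits(order_bits),
        "ec_quantum": "broken by Shor",
        "sym_classical_bits": symmetric_work_factor_bits(symmetric_key_bits),
        "sym_quantum_bits": symmetric_work_factor_bits(symmetric_key_bits, quantum=True),
    }


if __name__ == "__main__":
    for curve in CURVE_ORDER_BITS:
        row = compare(curve, 256)
        bits = row["ec_classical_bits"]
        print(f"{curve}: ~2^{bits:.0f} classical work, "
              f"{years_to_exhaust(bits, 1e18):.2e} years at 10^18 ops/s, "
              f"exceeds atom count: {exceeds_atoms_in_universe(bits)}; "
              f"quantum: {row['ec_quantum']}")
    print(f"AES-256: 2^256 classical, ~2^{symmetric_work_factor_bits(256, True):.0f} under Grover")
```

Running it shows the asymmetry the thread is about: a 256-bit curve key buys roughly 2^126 of classical work (comfortably above the 2^128-order baseline once constants are ignored, and astronomically beyond any attacker's budget), whereas a 256-bit symmetric key still holds 128 bits against Grover, and the curve holds nothing against Shor.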