[Cryptography] understanding PGP etc. -- best public cryptanalysis
John Denker
jsd at av8n.com
Thu Aug 9 13:48:45 EDT 2018

On 08/08/2018 11:45 PM, Matt Maxson wrote:
> The question was, basically, if someone has access to both a PGP
> encrypted email and a plain text version of the same email, can an
> attacker determine the key. The answer given was "no".
>
> I don't understand. Why can't that happen? For example, if I have
> 10 + x = 50 (this can be replaced with any formula that has exactly
> one unknown), I can solve for X. In my thinking, isn't the unknown
> in the equation simply the key? Sure, the maths are more complex,
> but it should be a trivial issue to work backwards and solve for the
> key.

Rather than "no", a more precise answer would be "it's
infeasible -- so far as we know".

1) We do *not* have any formal proof that the crypto used
   by PGP is unbreakable.

2) In fact, all crypto of the kind we are considering
   can be defeated "in principle" given unlimited computing
   resources. Just do a brute-force search of the key
   space.

   Beware that the keyspace is *very* large. We are not talking
   about two-digit numbers, as in the example above, but rather
   100-digit numbers. There are a *lot* of those.

3) The strongest statement that can be made goes something
   like this: Using publicly-known methods and present-day
   (or reasonably foreseeable) hardware, nobody has enough
   resources to crack your message on any relevant timescale.

If you want to google something, you might start here:
https://www.google.com/search?q=aes+"best+public+cryptanalysis"
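
An added illustration, not part of the original post: a known-plaintext brute-force search against a toy cipher with a 16-bit key, followed by the same search cost scaled to a 128-bit key space. The Feistel cipher, the names `toy_encrypt`, `brute_force` and `years_to_search`, the sample plaintext and key, and the rate of 10^12 trials per second are all assumptions made for this example; the toy cipher is a stand-in and is not what PGP uses.

```python
import hashlib
import time

def _round(key: int, half: bytes, i: int) -> bytes:
    # Round function: SHA-256 over key, round number and half-block, cut to 8 bytes.
    data = key.to_bytes(16, "big") + bytes([i]) + half
    return hashlib.sha256(data).digest()[:8]

def toy_encrypt(key: int, block: bytes) -> bytes:
    """4-round Feistel network over one 16-byte block (toy stand-in cipher)."""
    left, right = block[:8], block[8:]
    for i in range(4):
        mixed = bytes(a ^ b for a, b in zip(left, _round(key, right, i)))
        left, right = right, mixed
    return left + right

def brute_force(plain: bytes, cipher: bytes, key_bits: int):
    """Try every key until the known plaintext encrypts to the known ciphertext."""
    for guess in range(2 ** key_bits):
        if toy_encrypt(guess, plain) == cipher:
            return guess
    return None  # key is not in the searched space

def years_to_search(key_bits: int, keys_per_second: float) -> float:
    """Expected years to cover half of a key space at a given trial rate."""
    return (2 ** key_bits / 2) / keys_per_second / (365.25 * 24 * 3600)

def demo():
    """Recover a constructed 16-bit key and measure trials per second."""
    plain = b"Dear Bob, hello!"   # constructed known plaintext, 16 bytes
    secret = 0xBEEF               # constructed 16-bit key
    cipher = toy_encrypt(secret, plain)
    start = time.perf_counter()
    found = brute_force(plain, cipher, 16)
    rate = (found + 1) / max(time.perf_counter() - start, 1e-9)
    return found, rate

if __name__ == "__main__":
    found, rate = demo()
    print(f"recovered key {found:#06x} at about {rate:,.0f} trials/s")
    print(f"128-bit key at this rate: {years_to_search(128, rate):.2e} years")
    print(f"128-bit key at 1e12/s:    {years_to_search(128, 1e12):.2e} years")
```

The known plaintext is what makes the search possible at all, since it tells the attacker when a guess is right; it does nothing to shrink the number of guesses.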