[Cryptography] Are there other anonymous key exchange algorithms?
Stuart Longland
stuartl at longlandclan.yi.org
Sun May 25 04:42:56 EDT 2014

On Sun, 18 May 2014 10:03:27 +0200, Miroslav Kratochvil wrote:
> Would there be any serious security implications on reusing the same key
> in more exchanges and having some efficient key schedule? For example,
> only generating new key every minute or similar.

Perhaps make it a fraction of the time it takes to crack the key? So if
with today's hardware it would take 100 years to crack a key, replace the
keys daily?

I'm considering this problem elsewhere; some would recall my query about
using digital signatures for authentication over packet radio: here I've
settled on 192-bit ECDSA. Apparently 256-bit ECDSA, as used in Bitcoin,
supposedly would take a contemporary supercomputer a ridiculous amount of
time to crack.

http://bitcoin.stackexchange.com/a/2852 estimates that for a 256-bit key,
it was around 650 million billion years for today's equipment, and the
estimate was it'd be 60+ years before we'd see a computer capable of
giving the problem a good bash (just over a year).

I'd be interested to know how close the maths is there; the author
mentions it being a very conservative estimate and that in reality, it'd
be a lot more. I've taken that as a rough guide, and so if that post is
true, it'd take ~152224491 years for a 192-bit key. And maybe in 10
years we might see a computer that can grind through the combinations
quickly enough.

192-bit ECDSA is not as strong, of course, but was still a case of "not in
my lifetime without a computing breakthrough". So I'm working on the
theory: the keys are not encrypting, just signing, and the keys should be
replaced every few years; by the time someone cracks one, it'll be
useless anyway.

In the case of encryption, the situation is different: the (private) key,
once revealed, is not useless: any ciphertext produced by it (or its
public counterpart) can now be deciphered.

It's then a matter of how old the data is, and whether you care about it
being revealed that far in the future. You might be dead by then, in
which case it may only upset your great-grandkids.

Authorities probably won't have this sort of patience and will just
demand you hand over the keys, or find some other way of obtaining them.