[Cryptography] WhatsApp: Why asymmetric key instead of symmetric keys?

david wong davidwong.crypto at gmail.com
Thu Apr 28 14:27:38 EDT 2016


> On Apr 27 2016, at 11:06 pm, Ismail Kizir <ikizir at gmail.com> wrote:  

>

> >>What problem would that solve? The asymmetric keys work fine.

  

I too would have liked to see both, and a "strong" label being assigned to
those who I verified in-person.

  

> I also thought about using curve25519.
>
> I downloaded it. Tested it. It is really simple to use.
> But only 256 bits key space??
> You are developing a "new" algorithm in 2016; and you are using a
> fixed 256 bit key space.
> It's surely enough for 99 percent of attackers. But, I am not sure
> about resourceful attackers in long term.

  

The keyspace is not the problem here; a 256-bit keyspace is impossible to
brute-force and will remain impossible to brute-force unless we have some
crazy breakthrough (but then I suppose no crypto would resist). This is
because, if we currently are able to do something like 2^80 (and this is a
highly hypothetical number), and that's the number of cycles we can provide to
a brute-force, then providing 2^81 would require the same amount of work times
two. So getting to 2^85 would already seem impossible, imagine 2^256.

  

So the problem really is what is the best attack against curve25519, and the
best known attack is only halving the keyspace making it a 2^128 one, which is
also impossible and will remain so as long as we don't discover a crazy
breakthrough.

  

David
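
The following is an added example, not part of the original message: it contrasts exhaustive search with a generic square-root discrete-log algorithm (baby-step giant-step) to show where the "halving" from 256 bits to 2^128 comes from. The toy groups are multiplicative groups modulo a prime rather than curve25519, and the generators, secrets and function names are assumptions chosen for the demonstration.

```python
from math import isqrt

def brute_force_dlog(g, h, p, n):
    """Find x with g^x = h (mod p) by trying 0, 1, 2, ...; returns (x, group_ops)."""
    acc, ops = 1, 0
    for x in range(n):
        if acc == h:
            return x, ops
        acc = acc * g % p
        ops += 1
    raise ValueError("h is not a power of g")

def bsgs_dlog(g, h, p, n):
    """Baby-step giant-step: same answer in at most 2*ceil(sqrt(n)) group ops."""
    m = isqrt(n - 1) + 1                 # ceil(sqrt(n))
    table, acc, ops = {}, 1, 0
    for j in range(m):                   # baby steps: remember g^j -> j
        table.setdefault(acc, j)
        acc = acc * g % p
        ops += 1
    step = pow(acc, -1, p)               # acc is g^m here, so step = g^(-m)
    gamma = h
    for i in range(m):                   # giant steps: h * g^(-i*m)
        if gamma in table:
            return i * m + table[gamma], ops
        gamma = gamma * step % p
        ops += 1
    raise ValueError("h is not a power of g")

# Constructed toy groups (assumptions for this example, not curve25519):
# 3 generates the 2^16-element group mod 65537; 7 generates the ~2^31-element
# group mod 2^31 - 1. The secrets are arbitrary constructed values.
SMALL = dict(g=3, p=65537, n=65536, secret=54321)
LARGE = dict(g=7, p=2**31 - 1, n=2**31 - 2, secret=1234567890)

def solve(group, solver):
    h = pow(group["g"], group["secret"], group["p"])   # the "public key"
    return solver(group["g"], h, group["p"], group["n"])

if __name__ == "__main__":
    print("16-bit group, brute force:", solve(SMALL, brute_force_dlog))
    print("16-bit group, BSGS:       ", solve(SMALL, bsgs_dlog))
    print("31-bit group, BSGS:       ", solve(LARGE, bsgs_dlog))
```

Each extra bit of group size doubles the brute-force count but multiplies the square-root count by only about 1.4, so a group of roughly 2^256 elements costs on the order of 2^128 operations to a generic attack.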
