[Cryptography] WhatsApp, Curve25519 workspace etc.

Ismail Kizir ikizir at gmail.com
Sun May 1 03:58:59 EDT 2016


Hello,

I want to state my thought more clearly.
Curve25519 has 2^128 workspace for brute force attacks. Correct me if
I am wrong please.

Also, as far as I remember (I don't remember where I read it), a
supercomputer today is able to break 56-bit DES encryption in ~400
seconds.

This is still brute-force.

I am certain there may be room for eliminating some possibilities, or
even breaking it completely, as Bill Cox has pointed out.

Moreover, the symmetric keys used are derived from this asymmetric
key, which may be another source of vulnerability and another source
of elimination of possibilities.

Moreover, and more important: WhatsApp uses AES 256 in CBC mode, which is
excluded from the TLS 1.3 draft. And there are some articles about it:
http://link.springer.com/chapter/10.1007%2F3-540-45708-9_2

I want to repeat my question again: Isn't it highly suspicious to take
so many risks, instead of simply using a larger key space?

Curve25519, especially when used in combination with AES CBC, looks
highly suspicious to me.

Regards
Ismail Kizir

