:: Re: [DNG] Is RSA broken? Or is it a…
Page principale
Supprimer ce message
Répondre à ce message
Auteur: Rick Moen
Date:  
À: dng
Sujet: Re: [DNG] Is RSA broken? Or is it a hoax?
Quoting Bernard Rosset via Dng (dng@???):

> This is what the last line of the abstract claims; however the whole
> paper goes beyond my understanding.
>
> https://eprint.iacr.org/2021/232.pdf


Snakes. Oil. (**COUGH** Theranos **COUGH**)

We've been here before with Crown Sterling.
https://www.schneier.com/blog/archives/2019/09/crown_sterling_.html
https://www.schneier.com/blog/archives/2019/09/the_doghouse_cr_1.html

About the video where Crown Sterling CEO Grobert Grant ran a cooked
demonstration of Grant's claimed crypto-cracking algorithm (the stuff
talked about in the paper):

Ars shared the video with Jake Williams, the founder of Rendition
Infosec and a former member of the National Security Agency's Tailored
Access Operations group. "I'm dumber for having watched that," Williams
said. "Bragging that you can factor a 256 bit RSA key in 2019 is like
bragging about hacking an unpatched Windows 2000 box. Sure you did it,
but nobody should care." The 256-bit key, Williams said, was "absurdly
small." (Digital certificates from recognized certificate authorities
have used RSA 2048-bit keys for more than seven years.)

https://arstechnica.com/information-technology/2019/09/medicine-show-crown-sterling-demos-256-bit-rsa-key-cracking-at-private-event/

> Any way, pushing for ECDSA or even EdDSA, both of which are more and
> more supported out there (and have been for a almost a decade
> already), is IMHO the most future-proof take.


Maybe. A counter-intuitive aspect of crypto is that older (if still not
significantly flawed) algorithms and their implementations are often
preferable than newer and theoretically more-promising ones -- because
the former have withstood determined and expert attacks for longer.

Schneier made this point a few years ago about why he felt that Blowfish
is still safer than Twofish, even though he felt the latter is
technically superior -- because it was too new to be nearly as
battle-tested. (And, again, don't forget that weaknesses in the
implementation matter as much or more than theoretical weaknesses in the
algorithms themselves. Cracking is cracking, no matter whether it
was achieved through exploiting unintended side-channels or anything
else.)

-- 
Cheers,                  "My generals are always right about other people's 
Rick Moen                wars and wrong about our own."  -- LBJ
rick@???  
McQ!  (4x80)