Cryptography Reference
remained unsolved. Eventually, Len Adleman of MIT (we know him from the
RSA method) took the biscuit. He had brought an Apple II computer along and
solved the task in front of the spectators [GarPGP, Chapter 3, 'The Rise and
Fall of Knapsacks']. That was tantamount to a sensation — the computer wasn't
on the market yet, and 'real computers' came with power supply, ventilator,
and line printers back then. And along came this cryptanalyst and solved a
major task on a computer that a single man could carry, and what's more, with
a neat and clean ciphertext attack!
To make the rest of the story short: improvements were 'handed in subsequently'
over and over again, and all of them were cracked every which way. Well,
there are still some unbroken variants around. The question is, for how long?
Actually a pity for such a beautiful algorithm.
4.5.5 Bottom Line
The RSA method is the worldwide 'market leader' among asymmetric algorithms.
It has been studied for almost as long as DES and, except for the basic
problem of factoring large numbers, all known flaws can be avoided by appropriate
implementation. There are mature strategies for preventing intrusions
like the man-in-the-middle attack. It is certainly easier to forge a 100-euro bill
than to get hold of somebody's session key if this somebody knows a thing or
two about security and cryptology.
But. I think this 'but' is very critical: The private key is a real 'universal key'.
Compare it yourself (though all comparisons are known to be poor):
The German Wehrmacht published their code books with keys for rounds
monthly. In the event that a code book fell into the adversary's hands, the
Wehrmacht believed that they could send 'messages for listening in on' only
for another month at most.
Public keys are generally changed far less often. An unbelievable number
of messages can belong to one key pair. If these messages include some that
have to remain secret for years, then be careful. If somebody has listened in
on your communication and a genius student discovers a factoring method
after two or three years, you are sunk. All your messages will be compromised
at once, retroactively, because all session keys will then be public (see
Figure 4.15)!
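The retroactive compromise described above, as an added illustration that is not taken from the book: an eavesdropper stores RSA-wrapped session keys for one long-lived key pair, and a single later factorization opens all of them. The primes, the function names and the use of trial division as the 'future factoring method' are assumptions chosen so the toy runs instantly.

```python
# Added illustration; all values are constructed. The modulus is a toy:
# two small Mersenne primes, so trial division can play the "future" attack.
import secrets

P, Q, E = 2**19 - 1, 2**31 - 1, 65537   # toy key material, NOT secure
N = P * Q                               # public modulus, unchanged for years

def wrap_session_key(k, e=E, n=N):
    """Sender side: textbook RSA (no padding) of a session key."""
    return pow(k, e, n)

def record_traffic(sessions):
    """Return (true session keys, what the eavesdropper stores on disk)."""
    keys = [secrets.randbelow(N - 2) + 2 for _ in range(sessions)]
    return keys, [wrap_session_key(k) for k in keys]

def factor(n):
    """Stand-in for a later factoring breakthrough: plain trial division."""
    cand = 3
    while cand * cand <= n:
        if n % cand == 0:
            return cand, n // cand
        cand += 2
    raise ValueError("no odd factor found")

def recover_all(recorded, n=N, e=E):
    """Factor once, rebuild d, then unwrap every stored session key."""
    p, q = factor(n)
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent from p and q
    return [pow(c, d, n) for c in recorded]

if __name__ == "__main__":
    keys, recorded = record_traffic(1000)
    print(recover_all(recorded) == keys)
```

The cost of the break is paid once per key pair, not once per message, which is why the lifetime of the key pair bounds how long any message wrapped under it stays secret.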
Though this risk is perhaps extremely low, nobody knows. If you communicate
with only one converser and use the symmetric universal-key splitting as shown