Cryptography Reference
In-Depth Information
something similar), based on our minds. With a clock rate of 10
15
Hz, some-
thing imaginable in the remote future, we would have to put 5
∗
10
15
(i.e., five
quadrillion) quantum computers to work in parallel to handle the computation
within one year. To make sure the monster won't get heavier than 100 tons,
every quantum computer may weigh 20 ng (nanogram; a billionth of a gram)
at most — a tiny silicon cube with an edge length of 20
µ
m, including control
electronics and all other 'physics required'.
All the considerations above suffer a little from the fact that they are based
on current knowledge and assumptions. Maybe quantum computers will be
built one day, and maybe they will be able to attack symmetric methods using
algorithms more elegant than we can imagine at present. But I can just as
well imagine that quantum computers might be used one day sooner or later to
finally help estimate the minimum cost required to break a certain encryption
method.
However, you may laugh about people who claim that breaking a 128-bit key
is but a matter of pure diligence for the time being. And you may laugh even
more about the company (I'd better not mention the name here) that advertised
'totally new algorithms filed for patent with
key lengths of up to 200 000 bits
',
would you believe, at the CeBIT 2001 trade fair. Such vendors understand
neither cryptology nor the random generation required for creating such long
(and useless) keys.
Developers of this kind of 'ultra-algorithm' are normally convinced and often
even pretty aggressive. I came across arguments like 'Experts claim that all
new algorithms were insecure while in reality they only want to protect their
trades', or 'True novelties won't be noticed in the first place', on Web sites and
in mails. I am sure that if you understood the cryptanalytic parts in this topic
only roughly you already know more than these pastime developers do. Once
you discover a 'cryptanalysis' on such a Web site you will recognize the true
level very quickly.
5.10 Surprise Attack From Behind: Timing and Power
Analyses
As the last 'hit' in this chapter, I want to show you an entirely new, totally
different cryptanalytic approach. At first, this approach does not appear prac-
ticable, but this was thought to be the case with attacks using related keys,
too, until the first chip cards emerged. For example, the new method could
