ietf-openpgp
[Top] [All Lists]

Re: Weak crypto [was: Re: how to specify "trust no signatures over hash X from this key"?]

2009-05-24 17:36:43

On 24/5/09 14:03, Daniel A. Nagy wrote:
Hi,

Ian G wrote:
Nor, has 40 bit secret keys been embarrassed as yet.

That is not true.

Ah, caught by my lack of precise terms. The earlier sentence gave the clue that I meant by embarrassment: broken and money lost because of it.


Stealing luxury cars with 40-bit ciphers in their RFID keys by
brute-forcing the (cryptographic) key is routine criminal practice.

See also http://en.wikipedia.org/wiki/Motor_vehicle_theft


OK, another great data point.  But other than this:

# New keyless ignition/lock cars often share the same 40-bit encryption method between their "keys" and their computers. Using a RFID microreader and a laptop, university students have managed to remotely unlock, start, and drive away in top-of-the-line luxury cars, not without returning the cars to their rightful owners of course and with their consent to "steal" it in the first place.[citation needed]

I see no evidence of "routine criminal practice" ... and unlike some, I explicitly exclude "university students with or without laptop" from the general class of criminals :)

Don't get me wrong: it is clear that we can crunch RSA in its smallest number (which is?) and 40 bit encryption. And one day, criminals will. What is not clear is whether they must be excluded from all possible endeavours of commerce.

It's that whole pareto thing again. We don't exclude software with bugs from commerce, nor paper-which-gets-lost, nor people-who-lie, nor all the other unreliable elements of life. Why are we so obsessed with impossibility in crypto?

iang