Re: [openpgp] Fingerprints and their collisions resistance

On 01/04/2013 04:00 PM, jbar wrote:
> On Fri, 04 Jan 2013 11:56:36 -0800  Andrey Jivsov 
> <openpgp(_at_)brainhub(_dot_)org> wrote:
> > Should we rather say that the _practical_ value is about 60 (it's not to 
> > say that 2^60 is that practical, but that there is an expensive but an 
> > actionable attack plan). The following post leads the reader to the 
> > algorithm : 
> > http://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
> In either case, humans are less than 2^33 todays and this number should not 
> increase so much in the next decades. Even if each living human use OpenPGP 
> and more than a dozen of keys, we are far from 2^60 or 2^51...
I think you're trying to analyze this in a scenario where you want to
establish equitable sharing of limited resources among cooperating peers.

This is not the scenario the OpenPGP specification needs to concern
itself with.  Rather, the OpenPGP specification needs to be concerned
with providing cryptographically strong guarantees in the face of
malicious and well-funded adversaries.

That is, it's not enough to say that we have enough to go around.  We
need to show that the search space is large enough (and the digest
strong enough) that someone can't come up with a new key that matches
the fingerprint of your key, even if they have millions of dollars and
powerful computers at their disposal.

Regards,

        --dkg

signature.asc
Description: OpenPGP digital signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp