On Fri, Apr 04, 2008 at 02:43:58AM +0200, s. keeling wrote: > Brian McKee <[EMAIL PROTECTED]>: > > On 3-Apr-08, at 1:23 PM, Dave Sherohman wrote: > > > Unless they take the time to successfully factor the > > > public key, > > > > Can you expand on that sentence? I'm not sure what you meant by it. > > I imagine he means a brute force crack. Got a supercomputer or > botnet available? Does the target use md5 passwords? Good luck.
I do, but of a different (and much more difficult) type. My (admittedly limited) understanding of public key crypto is that the public and private key are connected by the relationship of two extremly large prime numbers. It is mathematically possible, then, to identify those numbers by factoring the numeric value of the public key and then use them to deduce the value of the private key. In practice, any decent public key system will use large enough primes that this is a "Got a supercomputer or a botnet and a good bit of time?" case which makes brute-forcing an md5 password file look easy, but I like to be complete and it is a conceivable avenue of attack, even though it's thoroughly unfeasible to conduct unless/until there's a major breakthrough in techniques for factoring very large numbers. (Or maybe an advance in quantum computing. A lot of people seem to expect that this sort of task will be easy for quantum processors, but I don't know of it having ever been actually done.) -- News aggregation meets world domination. Can you see the fnews? http://seethefnews.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
