Is RSA generally considered safe enough, assuming a large enough bit length?

Discussion in 'OT Technology' started by Symphony, Mar 14, 2008.

  1. Symphony

    Symphony If you take the blue pill, the story ends.

    I was looking into some encryption shit for small amounts of data, and since I read a lot of security blogs that go on about all the shit that fails rather than what works, I feel like everything fails.

    I've got some data on a server that needs to be encrypted. If I make a public key, encrypt with that, and keep the private key off the server to decrypt with... assuming no one gets their hands on the private key, am I all good? I'd probably be using OpenSSL if that matters at all.

    Edit: Unbreakable was a poor choice of words... I just meant is it safe enough?... I edited the thread title.
     
  2. deusexaethera

    deusexaethera OT Supporter

    Nothing is perfect, but RSA is fine.

    By the way, Comodo will sell you encryption certificates that are underwritten by a trusted certification authority.
     
  3. P07r0457

    P07r0457 New Member

    EVERYTHING can be broken. To have good security, you need to accept that, right off the bat. Outside of that, it's weighing the cost of the data you wish to protect. Your security solution needs to make it more costly to break it.

    Since I don't know what you're protecting and how important it is someone doesn't get it (and why they would even want it) then I can't tell you what you need.
     
  4. CodeX

    CodeX Guest

    True, but some things would take a ridiculously long time to brute force, like so long that the sun will go supernova long before you could brute force it given current computational speed limitations. Certain encryption can be considered more or less impossible to crack in anyone's lifetime, and for those you would need to get the key or the algorithm that created the key to reverse engineer it. If the key has been written down on any piece of paper anywhere on the planet you would have a better chance finding it without any leads than you would brute forcing it. If the only place the key exists is in the owner's head then you would have to torture it out of him. Alternatively you could get the algorithm that creates the keys from the creators of the encryption scheme, but good luck doing that unless you have the full backing of the US government at your disposal...

    In 128 bit encryption there are 3,402,823,669,209,384,634,633,746,074,317,700,000,000,000,000,000,000,000,000,000,000,000,000 possible keys...

    In 256 bit encryption the number is 1,157,920,892,373,161,954,235,709,850,086,900,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000

    If you could attempt 1 trillion different keys per second it would still take that same number minus 13 zeros seconds... which is still 25,896,679,369,934,434,053,529 millennia to brute force a 128-bit key (yeah, millennia, that many thousands of years)...

    Or, to look at it another way, you couldn't do it using every single computer in the world if they were all a billion times faster than they are right now in less than trillions and trillions of years...
     
    Last edited by a moderator: Mar 14, 2008
  5. Doc Brown

    Doc Brown Don't make me make you my hobby

    The problem with that^^^, is that the cracking method does not always follow traditional brute force schemes.

    WEP should have taken thousands of years to crack, too. But you can beat it in less than a night.
     
  6. CodeX

    CodeX Guest

    The encryption algorithm was leaked...

    To break into encrypted data you need 2 of 3 things... the data itself, the key, or the algorithm that created the key... if you have any 2 of those 3 things you can decrypt the data. (well, you always need the data obviously lol what I mean is you need either the key or the algorithm, not both, using the encrypted data and the algorithm that created it you can reverse engineer the key)
     
  7. deusexaethera

    deusexaethera OT Supporter

    Regardless, there's always a way to shorten the cracking time. Hell, public-key encryption is based on published formulas that are over 30 years old now. The keys are just two very large prime numbers -- one is transmitted beforehand, when the certificate is accepted, and the other is used to encode the data before it itself is encoded by multiplying it with the one sent beforehand. Then the encoded "private" key is sent along with the encoded data, and if you know the "public" key that was sent beforehand, you can decode the "private" key and read the data.

    The only saving grace is they are VERY large prime numbers, so it takes a very long time to guess the public key before you can decode the private key.
     
    Last edited: Mar 14, 2008
  8. Doc Brown

    Doc Brown Don't make me make you my hobby

    That's not how it happened.

    It was cracked by what happens as the internet hookup occurs.
    It's been a while since I read about it, but it was something to the effect of a handshake that occurs between the pc and the internet hookup. The hackers realized that key info was given out at that moment that was less secure than the encrypted data itself, and they used it to get around the normal password issues. Like I said, it's been a few years since I read about it, but that's it in a nutshell.
     
  9. CodeX

    CodeX Guest

    Ah, I'll have to look it up. I thought it was simply a matter of it being leaked.
     
  10. critter783

    critter783 OT Supporter

    Having the encryption algorithm doesn't get you the key. There are plenty of one-way hash functions that aren't invertible.
     
  11. Bruticus

    Bruticus half dead OT Supporter

    In all of the widely used encryption schemes that algorithm is publicly available and needs to be for there to be any level of trust when using it. Without the algorithm out in the open you have no idea what it is doing. There was a recent "security" product which promised easy secure encryption and advertised AES (also publicly available, like RSA). It was proven that it pretty much just XOR'd the data, rendering the encryption useless. In reality that is worse than useless because the users are operating under the assumption that their data is safe.

    Always use a publicly available encryption scheme that has, preferably, undergone a lot of peer/industry review.

    Last time I checked RSA was "broken" up to about the 800 bit key length level, using the most advanced techniques available, huge computing power and quite a few months. Use at least a key of 1024 bits and you'll be fine.
     
  12. alex

    alex My neighbor got the gas chamber awhile back for do Moderator

    true, but even those can be broken using rainbow tables to produce collisions. nothing is safe, hide your children. :noes:



    I agree with this statement.
     
  13. deusexaethera

    deusexaethera OT Supporter

    Rainbow tables?
     
  14. alex

    alex My neighbor got the gas chamber awhile back for do Moderator

    i did an hour and a half talk on cryptographic hash functions as part of my senior requirements at school. i stumbled on to this topic during my research...

    http://en.wikipedia.org/wiki/Rainbow_tables

    i didn't talk about it because i didn't understand 100% through, and I didn't want to be asked a question and go :hsd: on stage.
     
  15. CodeX

    CodeX Guest

    wow that's complicated but interesting...
     
  16. Bruticus

    Bruticus half dead OT Supporter

    As the wiki link says, it's basically about using a shitload of space/memory to compile a massive lookup table of hashes and the related plaintext password. These won't work for things like RSA, but for things like MD5 and SHA it's a start.

    However, there are ways to make it pretty much infeasible like using salt and having all of your passwords include special characters and numbers. The actual tables that you need for this to work range from a few hundred MB to many, many GB.

    Basically they aren't really viable when you use good passwords; that may change in the future, of course.
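Added example, not part of the original posts: a Python sketch of the point in the post above, showing a precomputed table recovering an unsalted MD5 hash and failing against a per-user salted one. The plain dictionary stands in for the much larger tables the post describes, and the function names, candidate list and the choice of PBKDF2-HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny candidate list standing in for the
# precomputed table the post describes (real tables run to many GB).
CANDIDATES = ["password", "letmein", "qwerty123", "dragon"]

def build_lookup_table(candidates):
    """Precompute unsalted MD5 -> plaintext once; reusable against every user."""
    return {hashlib.md5(p.encode()).hexdigest(): p for p in candidates}

def store_unsalted(password):
    """Weak storage: the same password always yields the same hash."""
    return hashlib.md5(password.encode()).hexdigest()

def store_salted(password, salt=None, iterations=200_000):
    """Hardened storage: random per-user salt plus a deliberately slow KDF."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)

def demo():
    table = build_lookup_table(CANDIDATES)
    weak = store_unsalted("letmein")
    rec_a = store_salted("letmein")
    rec_b = store_salted("letmein")
    return {
        # The table built in advance maps the stored hash straight back.
        "unsalted_recovered": table.get(weak),
        # The salted digest is not in any table computed without the salt.
        "salted_in_table": table.get(rec_a[2].hex()),
        # Two users with the same password no longer share a hash.
        "same_password_same_hash": rec_a[2] == rec_b[2],
        "verify_ok": verify_salted("letmein", rec_a),
    }

if __name__ == "__main__":
    print(demo())
```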
     
  17. deusexaethera

    deusexaethera OT Supporter

    First string theory, now rainbow tables...what will those math guys think of next?
     
  18. CyberBullets

    CyberBullets I reach to the sky, and call out your name. If I c

    That is the idea of LM Rainbow tables for Windows. Takes the "encrypted" hashed password and finds a collision. The Windows password protocol is very weak.
     
  19. deusexaethera

    deusexaethera OT Supporter

    That would be why all DoD computers require a hardware-based public-key certificate to log in. Kind of annoying, since if you walk away from the machine you're required to pull your card, which logs you out instantly, but...meh, better that than seeing reports of stolen technology on the news every week.
     
  20. Doc Brown

    Doc Brown Don't make me make you my hobby

    And don't forget the big scandal when someone developed a way of reading what's on your CRT monitor from a distance. Back in the mid 90's, iirc.
     
  21. alex

    alex My neighbor got the gas chamber awhile back for do Moderator

    yeah, all you need is a password dumping program which grabs the hash, then run it through the tables on the ophcrack cd, or you can even run it through an online db like http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/index.php. it will find a collision of alphanumeric windows hashes in about 10 seconds. :noes:
     
  22. Jables

    Jables OT Supporter

    Like P07r0457 said, how's the security on the rest of your network? Just because the data is encrypted doesn't mean it's protected. How are you going to store the private key? Do you have your PKI figured out? How's the security of the end user machines? How secure is the network hardware? What type of data are you protecting? IIRC RSA is considered "safe" with key lengths of 1024 bit or larger, 256 bits and under can be calculated in a few hours on a standard computer (Google freeLIP).

    An attacker is going to go for the lowest hanging fruit, they're not going to spend the time to brute force the keys when they could exploit a vulnerable machine or perform a timing attack on a bad implementation of the algorithm. If the data is highly important I'd consult a professional.

    @CodeX: The RC4 algorithm that WEP uses has been public knowledge since the mid 90's. WEP was broken because of a combination of a weak key scheduling algorithm, a known plaintext (first byte of an 802.11 packet is the SNAP header and it is usually 0xAA), and a small keyspace (IVs used a 24-bit keyspace). Flooding the AP with ARP requests increases the number of IVs generated, increasing the chance of getting a weak IV, and exhausting the keyspace quicker. Hacking: The Art of Exploitation has a good section on this, I think it's even readable on Google Books for free.
     
