information assurance management cryptographic techniques week 12-2
TRANSCRIPT
Information Assurance Management
Cryptographic Techniques
Week 12-2
Key Length
• Symmetric Key Length
• Security of a Symmetric cryptosystem is a function of the strength of the algorithm and the key length
• Assume perfect algorithm - brute force every possible key
• You need a small amount of ciphertext and the corresponding plaintext
Key Length
• A brute-force attack is a known-plaintext attack.
• Doesn’t need much to launch this attack
• 8 bit key = 256 possible keys (2^8)
• 56 bits = 2^56 or 2285 MIPS-years
• 64 bits = 2^64 or 585,000 MIPS-years
• 128 bits = 10^25 MIPS-years
Key Length
• The Algorithm must be so strong that the only way to break it is with a brute-force attack
• Security should rest with the key, not the details of the algorithm
• 1977 theory about million million processors working parallel
Key Length
• Public-Key Length– Multiply two large prime numbers is the one-
way function– Hard to factor the product to retrieve the two
prime numbers– But getting easier!– General number field sieve
Key Length
• How long should a key be?
• How much is what you are protecting worth?– How long does it need to be protected?– Tactical military secrets = min/hrs=56-64 bits– Short term business deals=days/wks=64 bits– Long term deals = years =64 bits– Trade Secrets = decades = 112 bits
Key Length
– H-bomb secrets = >40 years = 128 bits– Identities of spies=>50 years=128 bits– Personal affairs=>50 years= 128 bits– Diplomatic embarrassments=>65 years=>128
bits– U.S. census data=100 years=>128 bits
• All this is nonsense! Key is longer then you can imagine necessary - no surprises