[A83] Re: apps
On Wed, 18 Apr 2001, David Phillips wrote:
> The application has to be signed with TI before the calculator will accept
> it. Digital signatures are a part of public-private key encryption. A very
> good explanation is the document that comes with PGP. Essentially, this is
> how it works: a private key is generated. The longer the key, the harder it
> is to break. Web browsers that use SSL either use 40, 56 or 128 bit keys.
> Keys used for SSH usually are 1024 or 2048 bit.
In most actual uses for secure communication, the public/private key
cryptography is not the only thing used, but instead is used in
combination with a regular one-key system (in which both people must know
the same key to encrypt and decrypt with); the public/private key system
is only used to transmit the key for this encryption. See the following:
http://www.rsasecurity.com/rsalabs/faq/3-1-7.html
Note that the 40, 56, and 128 bit sizes are the sizes of the keys for the
one-key encryption, while the 1024 and 2048 are for the public/private
keys. These two sets of key sizes can't be compared directly; see
the bottom of this:
http://www.rsasecurity.com/rsalabs/faq/3-1-5.html
> Even breaking 40 bit encryption would be beyond the power of an
> ordinary person, and breaking 128 bit could only be done by the NSA or
> other organizations with an immense amount of computing power, such as
> federal governments or Microsoft. I believe that the calculator uses
> 512 bit encryption. So having thousands of people all over the
> internet work together in breaking it would not work this time (there
> was a contest where this was done to break 128 bit encryption, and I
> believe it took a year and a half).
Strangely enough, the FAQ from RSA (who supplied the encryption for TI) at
this address has several interesting things to say regarding 512-bit
encryption:
http://www.rsasecurity.com/rsalabs/faq/3-1-5.html
In particular, note the following quote:
"This means that 512-bit keys no longer provide sufficient security for
anything more than very short-term security needs."
Also see the following on a contest to factor 512-bit numbers (essentially
breaking a 512-bit key), which was completed in seven months using 300
PCs, in 1999:
http://www.rsasecurity.com/rsalabs/faq/2-3-6.html
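
Added example, not part of the original message: a rough way to see why the 40/56/128-bit symmetric sizes and the 512/1024/2048-bit public-key sizes discussed above are not on the same scale. It assumes the best attack on a symmetric key is exhaustive search and the best attack on an RSA modulus is the general number field sieve, using the standard heuristic cost L_n[1/3, (64/9)^(1/3)] with the o(1) term dropped, so the figures are order-of-magnitude only. The function names are this example's own.

```python
import math

def gnfs_work_bits(modulus_bits: int) -> float:
    """log2 of the heuristic GNFS cost to factor a modulus of this bit length.

    Cost model: exp(c * (ln n)^(1/3) * (ln ln n)^(2/3)), c = (64/9)^(1/3).
    The o(1) term is dropped, so this is a rough estimate, not a rating.
    """
    ln_n = modulus_bits * math.log(2)
    c = (64 / 9) ** (1 / 3)
    work_nats = c * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return work_nats / math.log(2)

def brute_force_bits(key_bits: int) -> float:
    """log2 of the expected trials to find a symmetric key by exhaustive
    search: on average half of the 2^key_bits keyspace."""
    return float(key_bits - 1)

def rank_by_work(symmetric_sizes, rsa_sizes):
    """Return (label, log2 work) rows sorted from weakest to strongest.

    The two columns count different unit operations (one cipher trial vs.
    one sieving step), so only the rough ordering is meaningful.
    """
    rows = [(f"{k}-bit symmetric", brute_force_bits(k)) for k in symmetric_sizes]
    rows += [(f"{b}-bit RSA modulus", gnfs_work_bits(b)) for b in rsa_sizes]
    return sorted(rows, key=lambda row: row[1])

if __name__ == "__main__":
    # Key sizes taken from the thread above.
    for label, bits in rank_by_work([40, 56, 128], [512, 1024, 2048]):
        print(f"{label:20s} ~2^{bits:.0f} operations")
```

Under this model a 512-bit modulus lands between the 56-bit and 128-bit symmetric keys, and even a 2048-bit modulus ranks below a 128-bit symmetric key.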