Question

RSA 1024 Factored in xxx years.

Asked by: rdivilbiss

One expert says RSA 1024 is safe for thousands of years.  I argue that is Naive, it will be factored much sooner.

When Triple DES was proposed it was said that it would take hundreds of years to break "at what was then current technology."  It has only been a few years and now it can be defeated in a few hours.  In another five years it can be defeated in a few minutes.

Triple DES was cracked in 22 hours: http://www.rsasecurity.com/rsalabs/node.asp?id=2108

RSA has been factored in increasingly sort times.

http://www.rsasecurity.com/rsalabs/node.asp?id=2964 RSA-640 is factored!
http://www.rsasecurity.com/rsalabs/node.asp?id=2879 RSA-200 is factored!
http://www.rsasecurity.com/rsalabs/node.asp?id=2096 RSA-576 is factored!
http://www.rsasecurity.com/rsalabs/node.asp?id=2097 RSA-160 is factored!
http://www.rsasecurity.com/rsalabs/node.asp?id=2098 RSA-155 is factored!
http://www.rsasecurity.com/rsalabs/node.asp?id=2099 RSA-140 is factored!

Note RSA-640 was broken with 30 x86 (2.2 Ghz) processors.

We are not even talking serious hardware here.

Can RSA 1024 be factored in a few years or will it take thousands?



This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2005-12-30 at 11:14:55ID21679586
Tags

rsa

,

crack

,

1024

Topic

Miscellaneous

Participating Experts
3
Points
250
Comments
10

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. rsa
    i ask to program rsa encryption and decryption
  2. RSA algorithm
    Hi all. I don't know how to encrypt and decript by RSA algorithm, do you have a demo source (in C or pascal)? Thanks
  3. two factor authentication - RSA, Vasco or Safeword?
    Hi, I am looking for a two-factor authentication solution for our environment. We want to secure logons via Citrix Webinterface, VPN's over Netscreen firewall's and dial-up connections. I think active directory integration would be nice. Does anyone here have any experience...
  4. RSA security guide..
    Hi, I am a new boy to RSA security system... is there any guide or step by step information about this system and how to deal with it. Br.

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: SilentBob42Posted on 2005-12-30 at 11:29:00ID: 15579742

I agree. We're talking about current technology. With current technology it'll take millions of years to break down RSA-1024. If that would somehow be easy to break (as in: it'll take *only* 5 months) then we need to up the key strength.

but for now, that is until someone invents the quantum computer, we're safe with RSA-1024

 

by: rdivilbissPosted on 2005-12-30 at 11:56:03ID: 15579892

>"invents the quantum computer"

We (as if you and I are involved - the collective human we) may be close to that.

I expect an quick method to factor primes may appear in the next 10-20 years and would not be surprised if we discover in that time frame agencies such as the NSA possess those methods. (Not that you need that to spy.  People are sloppy with their data.  Encrypt the communication then throw the decrypted message print out into the dumpster.)

Re: Brute force...while not factoring or defeating the algorithm itself, given a large enough group of message samples, there are methods to recover the data fairly quickly.  Probably another MIT experiment I read about.  I'll try to find a link.

 

by: MASQUERAIDPosted on 2005-12-30 at 12:04:45ID: 15579930

Agree as well
The crux of the argument is "at what was then current technology" .   If we assume that processing development continues at its current pace (Moore's law of a logorithmic growth every 18-24 months) then by 2010 something that would have taken 100,000 units of time to process in 2005 would take only 1000 units.  Add to that improvements in programming efficiency and pure math an my money is (possibly literally in the case of on-line banking!) on the next ten years.

M :o)

 

by: SilentBob42Posted on 2005-12-30 at 12:11:46ID: 15579967

As for the quantum computer... we're close to that for the last 20 years. I dont see that happening any time soon. If it should happen soon, then its not available to me, but maybe like you mentioned, the NSA.

Now we're speculating on whether or not hardware will be invented so it can break RSA-1024. And if that hardware will be available to us in the next thousand(s) of years. Thats not the point. If that ever happens then we need to increase the key-strength. Thats it.

Or... some genius finds a way to break a large number (2 to the power 1024) down to 2 primes easily. Mathematical guru's have been trying that for centuries, and they all failed. I have lots of respect for the guys at MIT, but they simply cant find this given a few samples. BTW, they dont need to find the RSA algorithm since, like any good encryption algorithm, it is well known:
http://en.wikipedia.org/wiki/RSA#A_working_example

Besides, if they do find a solution, they'd better run (ever saw the movie "sneakers"? :)

 

by: rdivilbissPosted on 2005-12-30 at 14:29:53ID: 15580948

>>Now we're speculating on whether or not hardware will be invented so it can break RSA-1024.

It isn't mearly speculation. The assumption that RSA-1024 is strong is based on an *assumption* of the difficulty given the available hardware (and math).

It is necessary to consider the reality of progress in making an assumption of how long the method will be viable.  It is not reasonable to assume hardware and math reasearch will stop today, so saying RSA-1024 is good for a 1000 years is based on a false assumption.

Moore's law or not....progress happens.  Just considering the CPUs currently in the pipeline at AMD and Intel (therfore not mere speculation) we know we will soon have a significant boost in power thus reducing the time to factor RSA-1024.  Thats a 6-10 year pipeline.  

Sufficiently powerful computers to factor RSA-1024 exist.  

IBM BlueGene/L system, installed at DOE’s Lawrence Livermore National Laboratory has now achieved a record Linpack performance of 280.6 TFlop/s.

The 30 Opterons grid used for the RSA-640 challenge is kind of puny by comparison.

They are too expensive for some professor or a group of students to use to respond to the RSA challenge.  When it costs thousands of dollars a minute for time on those computers, the $200,000 prize won't get much attention.  That doesn't mean we should think it is going to hold up for a 1000 years.  The IMB PC is only 25 years old.

 

by: SilentBob42Posted on 2005-12-30 at 15:26:32ID: 15581305

Maybe, maybe, but nowadays you still need a rather large grid to crack RSA-640. I wonder what kind of grid we need to crack RSA-1024... and if it fits on this planet if you want it done in time :)

The question is: when will it fit on this planet? and will it be within 1000 years?
Unfortunately we can keep going on and on, because we cant see the future of hardware. As for Moore's law, you might have noticed, it not true anymore. For the last 3 years anyway. Besides even if this law still exists in 1000 years, I still doubt the hardware would be fast and stable enough to calculate this. We need a mathematical breakthrough or quantum computer.

 

by: rdivilbissPosted on 2005-12-30 at 18:11:03ID: 15581873

LOL.  3005?

 

by: MASQUERAIDPosted on 2005-12-31 at 02:18:35ID: 15583014

"As for Moore's law, you might have noticed, it not true anymore. For the last 3 years anyway"

Moore's Law originally proposed a ten-fold increase every twelve months - this was revised to 18-24 a while ago which does still seem to fit but I guess there will be a shortfall as Intel changes from its P4 x086 technology (or AMD take over!).

 

by: CodedKPosted on 2006-01-07 at 18:57:52ID: 15640142

On February 2, 1999, a group of researchers completed the factorization of the 140 digit RSA Challenge Number.

.....running at 175 MHz on average, and on about 60 PCs running at 300 MHz on average. The elapsed time was one month and the total amount of CPU-time spent on sieving was 8.9 CPU years.

It took 6 seconds for me to factor that number.
Keysize: 140 bits, Number Base: 10.

If i'm not doing something wrong then the day you are talking about is very close.

 

by: rdivilbissPosted on 2006-01-07 at 19:47:02ID: 15640260

CodedK, I agree.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...