Re: Interesting Discussion with US Government Computer Expert
dsr_at_Florence.edu
Date: 08/31/03
- Next message: Russell Nelson: "Re: A new method for the steganography of 8 bit images"
- Previous message: George Ou: "Re: Interesting Discussion with US Government Computer Expert"
- In reply to: George Ou: "Re: Interesting Discussion with US Government Computer Expert"
- Next in thread: Mark Wooding: "Re: Interesting Discussion with US Government Computer Expert"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 31 Aug 2003 01:49:59 GMT
On Sun, 31 Aug 2003 01:12:34 GMT, George Ou
<533george_ou234@netzero234.com> wrote:
>On Sat, 30 Aug 2003 01:06:00 GMT, dsr@Florence.edu wrote:
>
>>On Fri, 29 Aug 2003 16:41:14 -0400 (EDT), "No One"
>><no-one-no-spam@home.com> wrote:
>>
>>>OK. Here's the deal. I work for the government as a consultant on SIPRNET.
>>>Had a discussion with a fellow contractor who works for a government agency
>>>in Maryland. (Hint, Hint).
>>>
>>>He implied that RSA-type keys were inherently unsecure because of known
>>>plaintext attacks. That is if I have your public key and use it to encrypt
>>>one or more text messages (or I guess any other data), by knowing the
>>>algorithm I can calculate the private key by comparing the cipherttext and
>>>the know plaintext.
>>>
>>>I think there has to be more to the story. Unfortunately, my knowledge of
>>>this encryption stops at knowing what group (i.e. this one) to ask the
>>>question in.
>>>
>>>There has to be more to the story, right guys?? Probably involving
>>>factoring very large prime numbers?
>>>
>>>I don't really need to know the answer to this question, but it will
>>>provide an indication of how seriously I should take anything else this guy
>>>says.
>>>
>>>Thanks
>>
>>Not everybody uses public key systems to encrypt plaintext. Some
>>people use an RSA or Diffie Hellman scheme to exchange a random
>>symmetric key. The random symmetric key is then used as a start key
>>for a more robust symmetric key system. Although some of the more
>>robust systems are not commercially available without screening I
>>don't think they are completely unavailable.
>
>No, PKC is almost never used to encrypt data. PGP mail, S/MIME, SSL,
>EFS, and any other app I can think of all use PKC to protect the
>symmetric session keys to kick start the symmetric crypto session.
>
>
>George Ou
>http://www.LANArchitect.net
Of course that is why the randseed.bin file is necessary in pgp to
store session key information.
- Next message: Russell Nelson: "Re: A new method for the steganography of 8 bit images"
- Previous message: George Ou: "Re: Interesting Discussion with US Government Computer Expert"
- In reply to: George Ou: "Re: Interesting Discussion with US Government Computer Expert"
- Next in thread: Mark Wooding: "Re: Interesting Discussion with US Government Computer Expert"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
