Page **1** of **1**

### Digital Signatures

Posted: **Thu Sep 10, 2009 3:22 pm**

by **LordMike**

Hey,

In Denmark, in the recent years, a public Digital Signature has been put in place. This signature makes it possible to agree to legally binding contracts on the net, ie. pretty bad if your signature is compromised or such.

I've extracted my own digital signature, in the form a certificate. (.p7s). As I understand it, this certificate has a public key, which is used to authenticate a given text coded with my private key.

I was wondering if it's possible to determine the Private key through bruteforcing, using only the public key?

### Re: Digital Signatures

Posted: **Thu Sep 10, 2009 5:51 pm**

by **Sc00bz**

Yes, how many bits is your private key and which algorithm is it (RSA, DSA, ...)?

### Re: Digital Signatures

Posted: **Fri Sep 11, 2009 11:49 am**

by **BarsMonster**

512 bit ones are pretty easy, and I am, going to try that someday.

1024 bit ones are not yet realistic.

### Re: Digital Signatures

Posted: **Fri Sep 11, 2009 9:53 pm**

by **Sc00bz**

Hmm according to Wikipedia it took 8000 MIPS-years to factor a 512 bit RSA public key which is 2.92 days at 1 trillion instructions/second (Radeon HD 4850 X2). Well there is a chance that it doesn't run nicely on GPUs and it will take a lot longer than 3 days.

512 bit 8000 MIPS-years
463 bit 2000 MIPS-years

### Re: Digital Signatures

Posted: **Sat Sep 12, 2009 5:23 am**

by **BarsMonster**

Sc00bz wrote:Hmm according to Wikipedia it took 8000 MIPS-years to factor a 512 bit RSA public key which is 2.92 days at 1 trillion instructions/second (Radeon HD 4850 X2). Well there is a chance that it doesn't run nicely on GPUs and it will take a lot longer than 3 days.

512 bit 8000 MIPS-years
463 bit 2000 MIPS-years

It is not a chance but a complete confidence that it does not run nicely on GPU

### Re: Digital Signatures

Posted: **Sun Sep 13, 2009 2:57 pm**

by **LordMike**

I have the .p7s file..

Will take a look at it.

Doesn't look like I can decipher it.. Bits of it is cleartext,

amongst others my name and category (Firm, private, youth etc,,)...

But I'd expect some public digital security thing to be safe... So I wouldn't expect it to be a 512 bit hash

### Re: Digital Signatures

Posted: **Mon Sep 14, 2009 9:00 am**

by **LordMike**

Been looking at it..

The longest line (34 lines) is around 142 characters long.. Which is pretty matching with the 1024 bit version...

Other notes, is that the entire file with all text (Including my name and the registrar), is 2040 characters..

EDIT:

Dammit.. I just double clicked the file.. the certificate is:

SHA1 RSA

RSA (1024 bits)

Version 3 btw...

### Re: Digital Signatures

Posted: **Mon Sep 14, 2009 9:04 am**

by **LordMike**

1024 bits gives quite a few possibilities...

2^1024 = 1.797693134862315907729305190789e+308... Could take a while

### Re: Digital Signatures

Posted: **Mon Sep 14, 2009 9:10 am**

by **BarsMonster**

LordMike wrote:1024 bits gives quite a few possibilities...

2^1024 = 1.797693134862315907729305190789e+308... Could take a while

Well, it is not that bad.

Given the fact it's a multiplication of 2 prime numbers, it is easier to find them

### Re: Digital Signatures

Posted: **Mon Sep 14, 2009 3:45 pm**

by **Bitweasil**

^++

You can't directly compare the strength of symmetric encryption algorithms (DES, AES) with public key algorithms (RSA) - the bit count does NOT in any way correlate between the two.

AES256 (256 bit key) is theoretically secure well, well beyond feasible futures if the key is kept secure.

RSA512 isn't that great anymore.

### Re: Digital Signatures

Posted: **Tue Sep 15, 2009 6:15 am**

by **LordMike**

Keep enlightning me

Anyhow, would it be possible to expand the BarsWF cracker to include public key signatures?

### Re: Digital Signatures

Posted: **Tue Sep 15, 2009 6:54 am**

by **BarsMonster**

LordMike wrote:Keep enlightning me

Anyhow, would it be possible to expand the BarsWF cracker to include public key signatures?

Not next year

There is already an open source implementation of NFS...