[phpBB Debug] PHP Warning: in file [ROOT]/phpbb/session.php on line 580: sizeof(): Parameter must be an array or an object that implements Countable
[phpBB Debug] PHP Warning: in file [ROOT]/phpbb/session.php on line 636: sizeof(): Parameter must be an array or an object that implements Countable
3.14.by forum • Digital Signatures
Page 1 of 1

Digital Signatures

Posted: Thu Sep 10, 2009 3:22 pm
by LordMike
Hey,

In Denmark, in the recent years, a public Digital Signature has been put in place. This signature makes it possible to agree to legally binding contracts on the net, ie. pretty bad if your signature is compromised or such.

I've extracted my own digital signature, in the form a certificate. (.p7s). As I understand it, this certificate has a public key, which is used to authenticate a given text coded with my private key.

I was wondering if it's possible to determine the Private key through bruteforcing, using only the public key?

Re: Digital Signatures

Posted: Thu Sep 10, 2009 5:51 pm
by Sc00bz
Yes, how many bits is your private key and which algorithm is it (RSA, DSA, ...)?

Re: Digital Signatures

Posted: Fri Sep 11, 2009 11:49 am
by BarsMonster
512 bit ones are pretty easy, and I am, going to try that someday.
1024 bit ones are not yet realistic.

Re: Digital Signatures

Posted: Fri Sep 11, 2009 9:53 pm
by Sc00bz
Hmm according to Wikipedia it took 8000 MIPS-years to factor a 512 bit RSA public key which is 2.92 days at 1 trillion instructions/second (Radeon HD 4850 X2). Well there is a chance that it doesn't run nicely on GPUs and it will take a lot longer than 3 days.

512 bit 8000 MIPS-years
463 bit 2000 MIPS-years

Re: Digital Signatures

Posted: Sat Sep 12, 2009 5:23 am
by BarsMonster
Sc00bz wrote:Hmm according to Wikipedia it took 8000 MIPS-years to factor a 512 bit RSA public key which is 2.92 days at 1 trillion instructions/second (Radeon HD 4850 X2). Well there is a chance that it doesn't run nicely on GPUs and it will take a lot longer than 3 days.

512 bit 8000 MIPS-years
463 bit 2000 MIPS-years
It is not a chance but a complete confidence that it does not run nicely on GPU :-)

Re: Digital Signatures

Posted: Sun Sep 13, 2009 2:57 pm
by LordMike
I have the .p7s file..
Will take a look at it.

Doesn't look like I can decipher it.. Bits of it is cleartext,
amongst others my name and category (Firm, private, youth etc,,)...

But I'd expect some public digital security thing to be safe... So I wouldn't expect it to be a 512 bit hash :P

Re: Digital Signatures

Posted: Mon Sep 14, 2009 9:00 am
by LordMike
Been looking at it..
The longest line (34 lines) is around 142 characters long.. Which is pretty matching with the 1024 bit version...

Other notes, is that the entire file with all text (Including my name and the registrar), is 2040 characters.. :P

EDIT:
Dammit.. I just double clicked the file.. the certificate is:

SHA1 RSA
RSA (1024 bits)


Version 3 btw... :P

Re: Digital Signatures

Posted: Mon Sep 14, 2009 9:04 am
by LordMike
1024 bits gives quite a few possibilities...

2^1024 = 1.797693134862315907729305190789e+308... Could take a while :P

Re: Digital Signatures

Posted: Mon Sep 14, 2009 9:10 am
by BarsMonster
LordMike wrote:1024 bits gives quite a few possibilities...

2^1024 = 1.797693134862315907729305190789e+308... Could take a while :P
Well, it is not that bad.
Given the fact it's a multiplication of 2 prime numbers, it is easier to find them :-)

Re: Digital Signatures

Posted: Mon Sep 14, 2009 3:45 pm
by Bitweasil
^++

You can't directly compare the strength of symmetric encryption algorithms (DES, AES) with public key algorithms (RSA) - the bit count does NOT in any way correlate between the two.

AES256 (256 bit key) is theoretically secure well, well beyond feasible futures if the key is kept secure.

RSA512 isn't that great anymore.

Re: Digital Signatures

Posted: Tue Sep 15, 2009 6:15 am
by LordMike
Keep enlightning me :)

Anyhow, would it be possible to expand the BarsWF cracker to include public key signatures?

Re: Digital Signatures

Posted: Tue Sep 15, 2009 6:54 am
by BarsMonster
LordMike wrote:Keep enlightning me :)

Anyhow, would it be possible to expand the BarsWF cracker to include public key signatures?
Not next year :crazy:
There is already an open source implementation of NFS...