
PGP inconsistency

Mar 10, 2016 3:49PM PST

Any chain is as weak as its weakest link. So, what is PGP's point of using 2048 bit key pairs and 100+ character passphrases while using a 256 bit key to encrypt the message?

Your post is confusing.
Mar 10, 2016 3:53PM PST

Are you trying to reply to someone?
Dafydd.

Not trying to reply to anyone
Mar 10, 2016 4:36PM PST

What I mean is that PGP uses a very strong 2048 bit encryption to exchange encryption keys. However the actual message is encrypted using a 256 bit key. Less informed users may be led to believe that they have 2048 bit protection while they actually have 256. That's all.

PGP's strength is
Mar 10, 2016 3:56PM PST

So well discussed that what more can be added?

If you want a truly hard to break system, google up about CODEBOOK ENCRYPTION. It appears there are no century old encoded material that has yet to be cracked. How about that?

Good stuff
Mar 10, 2016 4:54PM PST

No doubt. However the codebook has to be kept secret. This is not feasible in public e-mail communications. The one-time pad is another theoretical solution and was mathematically demonstrated unbreakable. Its practical problem is how to secretly share the key. PGP would be very useful if it would also use some sort of 2048 bit fast encryption for the message itself, which does not exist yet. Comments apart, my whole point is that less informed PGP users may believe that they have a 2048 bit strength protection when they actually have 256. Did I miss something?

I'd get into a PGP mailing list and forum.
Mar 10, 2016 5:47PM PST

Here, while I do know something about secure communications, I find that it does not matter 99.99999% of the time if it's 256 or 2048 bit strength. If you are using a known encoder/decoder the NSA can break it.

That's why I mentioned the alternative which is not cracked with such ease. Even to the point there are century plus old encoded messages that have yet to be cracked.

Thanks
Mar 11, 2016 4:49AM PST

This discussion has been fruitful and enlightening. I will continue to dig into that. A brute force attack on a 2048 bit cipher requires 2^(2048-256) or ~ 10^538 times more attempts than an attack on a 256 cipher, which is a huge number, even for NSA. When you say that NSA can break it, are you suggesting that they have a back door to all known ciphers? I know about rumours from the information security community, like urban legends, that they do have a back door to the AES-256, the prevailing standard. However extrapolating that to all known ciphers seems a little bit far-fetched. Do you know something else that I don't? Should that be the case, the only possible solution would be independently developing a brand new cipher without any back door, which would be quite a task. Please, clarify.

Not long ago I would agree that the effort was
Mar 11, 2016 8:03AM PST

Not long ago I would agree that the computation to crack the 2048 was too much but today with GPUs with 1000+ compute units and then the NSA with their systems, well, it's no longer air tight. And the time to crack due to the power increase is no assurance it won't be cracked.

That part of the discussion is out there so I'll pause since that's been done.

Who said what I wrote about is a new cipher? I know it's now centuries old. That's not new.

My fault
Mar 11, 2016 7:15AM PST

NIST in the Special Publication SP800-57 devoted to key management clarifies that asymmetric keys with length of 2048 bits have equivalent strength to symmetric keys of 112 bits. Therefore my previous statement is wrong. In my view this happens because asymmetric keys are based on combination of prime numbers, which are a subset of natural numbers used in symmetric keys. Therefore what I wrote was nonsense. The 256 bit symmetric encryption used to encrypt the message is stronger than the 2048 bit asymmetric encryption used for the symmetric key distribution. My apologies to everyone that followed this thread.
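
Added example, not part of the original thread: a short Python sketch of the comparison the post above arrives at, treating a PGP-style hybrid message as only as strong as the weaker of its RSA key wrap and its symmetric session key. The function names are hypothetical; the table rows other than 2048 -> 112 are taken from NIST SP 800-57 Part 1 rather than from the thread, and the GNFS figure is an asymptotic estimate, not a NIST value.

```python
import math

# RSA modulus size -> comparable symmetric strength, NIST SP 800-57 Part 1.
# The thread quotes the 2048 -> 112 row; the other rows come from the same table.
NIST_RSA_STRENGTH = {1024: 80, 2048: 112, 3072: 128, 7680: 192, 15360: 256}


def gnfs_bits(modulus_bits):
    """log2 of the heuristic GNFS factoring cost, with the o(1) term dropped.

    An asymptotic estimate only: it shows why RSA strength grows far more
    slowly than the modulus length, and lands a few bits above NIST's values.
    """
    ln_n = modulus_bits * math.log(2)
    work = (64 / 9) ** (1 / 3) * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return work / math.log(2)


def hybrid_strength(rsa_bits, session_key_bits):
    """Effective strength of a message whose session key is wrapped with RSA."""
    wrap_bits = NIST_RSA_STRENGTH[rsa_bits]  # KeyError for sizes not in the table
    if wrap_bits == session_key_bits:
        weakest = "balanced"
    else:
        weakest = "RSA key wrap" if wrap_bits < session_key_bits else "session cipher"
    return {
        "wrap_bits": wrap_bits,
        "session_bits": session_key_bits,
        "effective_bits": min(wrap_bits, session_key_bits),
        "weakest": weakest,
    }


def smallest_rsa_matching(session_key_bits):
    """Smallest tabulated RSA modulus at least as strong as the session key."""
    for modulus_bits in sorted(NIST_RSA_STRENGTH):
        if NIST_RSA_STRENGTH[modulus_bits] >= session_key_bits:
            return modulus_bits
    return None  # no tabulated RSA size reaches that strength


if __name__ == "__main__":
    for size in sorted(NIST_RSA_STRENGTH):
        print(f"RSA-{size:<6} NIST {NIST_RSA_STRENGTH[size]:>3} bits   "
              f"GNFS estimate {gnfs_bits(size):6.1f} bits")
    print(hybrid_strength(2048, 256))
    print("RSA size matching a 256-bit session key:", smallest_rsa_matching(256))
```

Run as a script, it prints the NIST value beside the GNFS estimate for each modulus size, then the effective strength of the 2048-bit RSA plus 256-bit session key combination the thread discusses.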

Thanks for this.
Mar 11, 2016 8:05AM PST

And if you ever want to get really tight messaging, check into if anyone did other than PGP. Using a known system is giving them a starting point to decode.