Juergen Nieveler wrote 2015-06-28 17:10:
Jack Ryan <noreply@remailer.cpunk.us> wrote:
Actually, I've read that about how a key used in straight symmetric
encryption will be effectively much stronger than an asymmetric key.
I'm just wondering if the 256-bit key is not a vulnerability, and
if it could be improved by making a stronger session key.
256-bit with a decent algorithm is long enough - in fact, there isn't any implementation of AES-512 that I know of.
First, the security term Vulnerability describes a method by which the
degree of security provided by the design and the security goals
established by it.
In PGP, the session key should in a thought-through design be just as
secure as the asymmetric key encrypting the session key (crack one,
crack everything). This means, if the user is able to pick a weaker key,
either session or asymmetric, without being presented with information
about the security strength imbalance between the two keys, I'd classify
it as a Vulnerability.
It is widely accepted in the field of computer security that a complex
system without clear usage instructions, that could in practice be used
incorrectly and weaken the total strength of the system, is a
vulnerability as users can be made to think the system is guaranteed to
have strong security no matter the configuration.
The way that a short session key is encrypted also plays a role in the
security strength. Plain non-preprocessed encryption of the session key
is proved to halve the strength compared to a preprocessing
implementation. A 64-bit session key encrypted without preprocessing the
plaintext can be recovered in the same time a preprocessed 32-bit
session key is cracked.
"Why Textbook ElGamal and RSA Encryption are Insecure"
http://www.ssi.gouv.fr/archive/fr/sciences/fichiers/lcr/bojong00.pdf
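
The halving effect described in the post above, scaled down to a 20-bit key, as an added example that is not part of the original thread: a meet-in-the-middle search on the multiplicative property of unpadded RSA, the kind of attack the cited paper analyses. The modulus, the key, the padding value and all function names are constructed for illustration, and `padded_encrypt` is a simplified stand-in for preprocessing, not OAEP.

```python
# Added illustration with constructed toy parameters; not code from the thread.
E = 65537
N = (2**61 - 1) * (2**89 - 1)  # toy modulus: product of two Mersenne primes

def textbook_encrypt(m, e=E, n=N):
    """Unpadded RSA: Enc(a*b) == Enc(a) * Enc(b) mod n."""
    return pow(m, e, n)

def padded_encrypt(m, pad, key_bits, e=E, n=N):
    """Simplified preprocessing (assumption, not OAEP): pad fills the high bits."""
    return pow((pad << key_bits) | m, e, n)

def split_search(c, half_bits, e=E, n=N):
    """Find m = m1*m2 with m1, m2 < 2**half_bits and m**e == c (mod n).

    Needs about 2 * 2**half_bits modular exponentiations, where exhaustive
    search over a key of 2*half_bits bits needs 2**(2*half_bits).
    Returns None when the plaintext does not factor that way.
    """
    limit = 1 << half_bits
    table = {pow(m2, e, n): m2 for m2 in range(1, limit)}
    for m1 in range(1, limit):
        # If m == m1*m2, then c / m1^e == m2^e (mod n).
        target = c * pow(pow(m1, e, n), -1, n) % n
        m2 = table.get(target)
        if m2 is not None:
            return m1 * m2
    return None

KEY_BITS = 20
SESSION_KEY = 1009 * 997           # constructed key: two 10-bit factors
UNSPLITTABLE_KEY = 1048573         # above 1023*1023, so it cannot split
PAD = 0x5A5A5A5A5A5A5A5A5A5A5A5A   # constructed stand-in for random padding

if __name__ == "__main__":
    half = KEY_BITS // 2
    print("unpadded, key splits :", split_search(textbook_encrypt(SESSION_KEY), half))
    print("unpadded, no split   :", split_search(textbook_encrypt(UNSPLITTABLE_KEY), half))
    print("padded               :", split_search(padded_encrypt(SESSION_KEY, PAD, KEY_BITS), half))
```

The search only succeeds for keys that happen to factor into two half-size values; once the encrypted value carries padding in its high bits it is far too large to split this way, and the search returns nothing.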