#1
|
|||
|
|||
Question on PKE
Hi all,
today I downloaded the EDGE release of R-Studio 4.0 and discovered that, unlikely previous releases of cracks and keygens for this software, aimed primarily to change the internal public key, the EDGE keygen creates a fully working key. If I analyze the keygen i find 2 costants of nearly 1024 bits. So here is the question: Is it a mistake in the implementation by R-Studio that made the algorithm vulnerable, or can RSA (It should be that) 1024 be keygenned? |
#2
|
|||
|
|||
Very probable that there is a mistake in the implementation or a weakness somewhere.
If RSA-1024 got broken i'm sure we would see it in the papers, unless EDGE guys know something that we don't :P. Nice release anyway |
#3
|
|||
|
|||
The display in the Keygen states it "involved the factoring of a 512 bit RSA key" so that should end any speculation they may have "cracked' a RSA-1024 bit key. This is not to diminish their accomplishment, only to end the "speculation" about what they have accomplished.
Regards,
__________________
JMI |
#4
|
|||
|
|||
I'm wondering on how much time can take a project like that...I mean...factoring 525bit RSA Key...months? A year?
|
#5
|
|||
|
|||
TmC:
You are correct. I mis-read the Keygens display that actually says "525 bit RSA Key", rather than "512 RSA Key" as I reported in my post above. The NFO states: RSA-525 factored in 2 weeks, no patching, no cheating This is the same claim EDGE made in their releases of their "keygen" for various earlier versions of this same software, going back several months. The ONLY problem is, and the probable cause for my misreading, is there appears to be no public reference to a RSA-525 standard except in their releases related to this software, while there is, indeed, a well known RSA-512 standard for public key encryption. Even the SHA hash functions, which stands for Secure Hash Algorithm, and its five algorithms, denoted SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512, has no "public" SHA-525 standard. SHA-224, SHA-256, SHA-384, and SHA-512 are sometimes collectively referred to as SHA-2. SHA-1 produces a message digest that is 160 bits long; the number in the other four algorithms' names denote the bit length of the digest they produce. Maybe a member of EDGE is a member here and can enlighten us on what they actually mean by: PROTECTION ....... RSA-525. Regards,
__________________
JMI |
#6
|
|||
|
|||
edge.nfo
Code:
RSA FACTORING DETAILS The (c158) key was factored using the GNFS. Special care was taken in the choice of a good polynomial, so a substantial CPU power was spent in this step. Using a factor base with bound 30*10^6 (on both rational and algebraic side), we lattice sieved most special-q from 30*10^6 to 120*10^6. Large primes up to 2^32 were allowed. The sieving region was 16384x8192. Finally 111166072 relations were produced. After filtering and reduction, we obtained a matrix of 5834788x5835036 of weight 435572936. After finding the matrix's nullspace, 37 dependencies were found. This was done using a parallel Block-Lanczos implementation. Computing the square roots took about a couple of hours per dependency. Finally, on the 1st dependency a non-trivial factorization was obtained, yielding two p79 factors. These are: 96859774968738100242749024031422454403737620189568319581559767450468778 34947331 and 97612888871279422460170795622468505446565299697129772078285299016368621 44931893 Calendar time for the factorization was about 2 weeks, including polynomial selection. |
#7
|
|||
|
|||
Thanks tofu-sensei.
I saw this in the nfo also, however, it doesn't really explain the reference to RSA-525. I have seen one references to RSA-576 for example in: http://www.crypto-world.com/FactorRecords.html Part of what is "strange" about it is that this articles description of RSA-576 involves "only" 174 digits, while all the other "general purpose factoring records" which involve "RSA" designations the combination equals the number of digits used. For example, from the article, RSA-200 involved "200" digits, while RSA-576 involved only "174". Although we have some real crypto experts on the Woodmann RCE Forum, I'm certainly not one of them, and just do general reading on the subject, which explains my familiarity with RSA-512. Regards,
__________________
JMI |
#8
|
|||
|
|||
RSA-xxx are names given to certain "challenge numbers" by RSA Labs, sometimes referring to the number of bits, sometimes to the number of digits.
EDGE are simply saying they factored a 525-bit number. |
#9
|
|||
|
|||
That's also what I "assumed" from the NFO, which, however, leaves me wondering about the RSA-576 reference I mentioned above, which involved only "174" digits, rather than 576 bits. Sort of seems like the protection might more correctly be called a "525 bit key", rather that RSA-525, but again, I am no expert in this field and never liked "math" very much.
Regards,
__________________
JMI |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
VS 6 question(s)... | newguy | General Discussion | 9 | 04-22-2004 19:49 |
Question to JMI | Rhodium | General Discussion | 1 | 02-20-2004 06:16 |
Question about Ds 3.0 | ysco | General Discussion | 7 | 09-01-2003 09:32 |