[LUAU] Re: dangers to (Software) Freedom

Clifton Royston cliftonr at iandicomputing.com
Sun Aug 26 20:49:58 PDT 2007


On Sun, Aug 26, 2007 at 05:32:00PM -1000, Angela Kahealani wrote:
> On Sunday, 2007-08-26 11:32:35 Jim Thompson wrote:
> > In any case, modern crypto-systems do not depend on "prime numbers"  
> > per se.  Rather, the[y] depend on the difficulty of factoring large  
> > numbers,
> > especially those that are the product of two prime numbers.
> 
> Yes... so if you can quickly generate primes,
> you can quickly test factoring those primes out of another number.

  No, absolutely not.  His claim that generating primes was formerly
hard, and that's the source of the problem, is typical of what happens
when you get outsiders to a field making "discoveries".  Occasionally
they really find something new by looking at it with fresh eyes, but
far more often they completely misunderstand the nature of the problem
they are looking at, make fools of themselves, and then rant about how
the "establishment" is ignoring them out of fear.  (Consider that
centuries after the question was resolved via abstract algebra, you
still get non-mathematicians claiming to have trisected an angle with
compass and straightedge.)

  It is relatively easy to generate primes, and has been for a long
time; it is fairly easy to *statistically* guess whether a given number
is prime or not, with good odds; it's very hard to find the prime
factors of large non-primes.

  As evidence of the former, I suggest you take a look at the size of
the prime numbers being generated and tested by the Internet Mersenne
Prime Search, for instance.  The last one found had 9,808,358 decimal
digits, or 32,582,687 bits; compare that to the 1024 bit primes used in
a typical RSA key.  Remember, that number is not merely 32,000 times
larger, it's 32,000 *powers* larger.

  Also, despite the visibility that public-key cryptosystems have,
symmetric block cryptosystems like Twofish, AES, Rijndael, etc. get
much more use in practice, and they typically don't use prime-based
calculations in any way.  

  -- Clifton

-- 
    Clifton Royston  --  cliftonr at iandicomputing.com / cliftonr at lava.net
       President  - I and I Computing * http://www.iandicomputing.com/
 Custom programming, network design, systems and network consulting services



More information about the LUAU mailing list