kruger@16bits.dec.com (Hart for CCCP chief in '88) (01/15/88)
I am currently looking into a public key encryption system for a bulletin board network program. However, RSA is fairly CPU intensive, and the need for the ultimate security is not great. It would be sufficient to merely be 'difficult' for an average type. But the system really MUST be public key because any methodof passing keys makes the whole thing useless. So, is there any other function that provides reasonable security, ie protection from casual passers-by, that still has the RSA properties of being able to distribute a public key? This would allow each user to generate their own key and send the public version by ordinary mail. -your help is appreciated- dov
srt@duke.cs.duke.edu (Stephen R. Tate) (01/16/88)
In article <8801150155.AA11615@decwrl.dec.com> kruger@16bits.dec.com (Hart for CCCP chief in '88) writes: >I am currently looking into a public key encryption system for a bulletin board >network program. However, RSA is fairly CPU intensive, and the need for the >ultimate security is not great. It would be sufficient to merely be 'difficult' >for an average type. But the system really MUST be public key because any method >of passing keys makes the whole thing useless. Why no just use shorter keys in an RSA scheme? You've got a good trade-off here between complexity of encryption and security -- if you want something simpler and can live with less security, just make the keys shorter. Nothing says you have to use 100 digit keys..... -- Steve Tate UUCP: ..!{ihnp4,decvax}!duke!srt CSNET: srt@duke ARPA: srt@cs.duke.edu "There ain't nothin' in the world that a T-Bone Shuffle won't cure."
monta@mit-caf.UUCP (Peter Monta) (01/16/88)
> > I am currently looking into a public key encryption system for a bulletin > > board network program. However, RSA is fairly CPU intensive ... > > Why not just use shorter keys in an RSA scheme? This is certainly an option, but it seems to me that any RSA system with keys short enough to compete on a microcomputer with, say, DES in software, would be trivial to crack (by factoring the key). However, it might be reasonable to use RSA (or other public-key system) for key distribution: use the recipient's public key to encrypt a DES key, say, then send RSA-encrypted key and DES-encrypted message. This would use the public-key system on only a very short message, bootstrapping to a conventional, faster cryptosystem. Peter Monta uucp: ...!bbn!husc6!bloom-beacon!mit-amt!mit-caf!monta arpa: monta@caf.mit.edu