# Encryption & Prime Numbers

Tue Sep 7 11:24:15 EDT 2004

```On Monday, September 6, 2004, at 11:43 PM, MisterX wrote:

> the 32 bit word is just a long word...
> bitXOR is used as a small time encryption. Just bitxor any number, you
> will get aonther number. If you reverse the operation, you get your
> number back. The bitXOR function is limited to 2^48-1 or 2^64-1.

Xavier,

>> From TDocs:  the largest long integer allowed by the current
>> operating system. (On most operating systems, this is 2^32, or
>> 4,294,967,296.)

As I recall Transcript bitXOR function is limited to 2^32, even on 64
bit systems.

>
> If you use a non-prime number, it's possible that you get multiple
> numbers
> that can unlock this number. BitXOR is extremely weak since the number
> of attacks is quite small. In RSA, they started with (approx.) 2^56 bit
> primes, then 2^128, and they way higher now, 2^4096 possibly.
>
> Random padded cypher blocks are just padding to fool the cracker into
> thinking he's attacking real data - usually. There's 20 million
> different
> types of pading possible to make their lives an eternity but these guys
> can use almost any resources! ;)

blocks in CBC really do change the entire result and not just the
random block that is the pad. A 10kbt document encrypted with the same
key in CBC that includes a 128 bit random pad comes out different each
time it's encrypted. The only way to brute force an attack is to know
the key length, the size of the pad, and the encryption algorithm used.

> The private key systems use an obscure elliptical geometry topology
> which is also used solve the problem or crack the key. The ellipse
> allows
> to have 2 answers for any points on the curve of an ellipse.
>
> http://www.cs.virginia.edu/cs588/projects/reports/team1.pdf
>
> and a few more links here
> http://archives.math.utk.edu/topics/numberTheory.html
>
> Note that cryptography is a wide and deep subject, too many links or
> code to make sense of ;)
>
> Hope that helps.
> Xavier

Interesting stuff. By attacking the timing and knowing, through testing
for the results of different sized keys, one could extrapolate a
smarter brute force attack. This is why I like Blowfish. It always uses
a 448 bit key. Even when the key is 64 bit it is just repeated until it
gets to 448 bits.

Protecting those keys looks like the major part of the issues regarding
secrets.

Mark

```