Welcome to Jon's
Cryptography & Privacy Page...

  Cryptography & privacy are very important in today's world. The ability to have private electronic conversations in an increasingly monitored world is essential, although the government would like you to believe otherwise.

One way you can stay ahead of the game is to use PGP. Here is my PGP public key.

A good place to find links to information about cryptography online is the Yahoo! Security & Encryption page.

Some thoughts on how hard it is to brute force a 128-bit key, which is what PGP uses:

Is brute-forcing a 128 bit key feasible right now? Will it ever be feasible?

I can say absolutely not to the first question. The second one is of course a little harder, but I think it will be quite a long time before we get to the point where we can harness that kind of computing power. Here's why:

To brute force a 128 bit key, you need to (on average) try 2127 keys. How big a number is that?

Well, it's trivial to brute-force a 40 bit key. It's relatively easy to brute force a standard DES key, which is 56 bits. 64 bits is getting harder...

  • 239 = 549,755,813,888
  • 255 = 36,028,797,018,963,968
  • 263 = 9,223,372,036,854,775,808
  • 2127 = 170,141,183,460,469,231,731,687,303,715,884,105,728

As you can see, 2127 is a pretty big number. How long would it take to crack a key that size?

Well, let's say for the sake of argument you had a chip that could crack a 64 bit key in one second. That means it can try 263 keys in one second. A system that could do that right now would cost in the millions of dollars (maybe even hundreds of millions). Now, lets take a big leap. Let's say you had one billion (1,000,000,000) of these chips. Could you crack a 128 bit key?

Sure, but it would take you over 550 years to crack a single key...