Kaspersky Labs Trying to Crack 1024-bit RSA
We estimate it would take around 15 million modern computers, running for about a year, to crack such a key.
What are they smoking at Kaspersky? We've never factored a 1024-bit number -- at least, not outside any secret government agency -- and it's likely to require a lot more than 15 million computer years of work. The current factoring record is a 1023-bit number, but it was a special number that's easier to factor than a product-of-two-primes number used in RSA. Breaking that Gpcode key will take a lot more mathematical prowess than you can reasonably expect to find by asking nicely on the Internet. You've got to understand the current best mathematical and computational optimizations of the Number Field Sieve, and cleverly distribute the parts that can be distributed. You can't just post the products and hope for the best.
Is this just a way for Kaspersky to generate itself some nice press, or are they confused in Moscow?
EDITED TO ADD (6/15): Kaspersky now says:
The company clarified, however, that it's more interested in getting help in finding flaws in the encryption implementation.
"We are not trying to crack the key," Roel Schouwenberg, senior antivirus researcher with Kaspersky Lab, told SecurityFocus. "We want to see collectively whether there are implementation errors, so we can do what we did with previous versions and find a mistake to help us find the key."
Schouwenberg agrees that, if no implementation flaw is found, searching for the decryption key using brute-force computing power is unlikely to work.
"Clarified" is overly kind. There was nothing confusing about Kaspersky's post that needed clarification, and what they're saying now completely contradicts what they did post. Seems to me like they're trying to pretend it never happened.
EDITED TO ADD (6/30): A Kaspersky virus analyst comments on this entry.
Posted on June 12, 2008 at 12:30 PM • 62 Comments