If you want, you can get my public key here (http://scatcat.fhsu.edu/%7Ebecarlson/files/Brian_Everett_Carlson.asc) and send me encrypted email.

Crypto is cool stuff

ive never understood pgp. ive always felt that if you can encrypt something using a public key, you should be able to decrypt it that way too. i recall hearing something about a 384 bit (?) key being cracked in about a month using that idea. anyone know anything about this, or am i just replaying false info

Not possible. Here is a basic overview of how PGP works.

Public-key cryptography uses a pair of keys: a public key, which encrypts data, and a corresponding private key, for decryption. You publish your public key to the world while keeping your private key secret. Anyone with a copy of your public key can then encrypt information that only you can read. It is computationally infeasible to deduce the private key from the public key. Anyone who has a public key can encrypt information but cannot decrypt it. Only the person who has the corresponding private key can decrypt the information.

Here is an interesting quote:


“If all the personal computers in the world—260 million—were put to work on a single
PGP-encrypted message, it would still take an estimated 12 million times the age
of the universe, on average, to break a single message.”
—William Crowell, Deputy Director, National Security Agency, in Senate testimony
on March 20, 1997

after a little googleing i found out that in 1995 a 384 bit key was cracked "in a few months". a 384 bit key is a hell of a lot smaller than a 1024 or 2048 bit key. so it might not be possible to crack current pgp keys, that quote probalby wont be accurate in less than 10 years. the fact that the deputy director of the nsa made that statement 2 years after pgp had been cracked is actually pretty sad. hopefully he was talking about a much stronger key. i know that i couldnt expect to go out and start cracking pgp with what i have, but who knows what we will have in the future. not only will computers become faster, but we will also have better distributed computing, like SETI, which will only multiply the computing power.

heres a link about this
http://www.geektimes.com/michael/techno/computing/privacy/topics/pgp/misc/blacknet-key-attack.html

Public key size and conventional cryptography’s secret key size are totally unrelated. A conventional 80-bit key has the equivalent strength of a 1024-bit public key. A conventional 128-bit key is equivalent to a 3000-bit public key. The bigger the key, the more secure, but the algorithms used for each type of cryptography are very different and comparison is like that of apples to oranges.