Timeline for How safe is the 256-bit encryption used in bank transactions?
Current License: CC BY-SA 3.0
21 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 16, 2020 at 9:49 | history | edited | CommunityBot | Commonmark migration | |
| Mar 17, 2017 at 13:14 | history | edited | CommunityBot | replaced http://security.stackexchange.com/ with https://security.stackexchange.com/ | |
| Sep 16, 2014 at 17:18 | history | edited | CodesInChaos | CC BY-SA 3.0 | added 4 characters in body |
| May 13, 2013 at 21:26 | comment | added | Guy Sirton | @DavidCary: I think what I wanted to say a year ago :-) is: "the statement that factoring is NP hard" is incorrect. Since then the answer has been edited and that statement removed... I don't know of a proof showing that factoring isn't NP hard. | |
| May 13, 2013 at 15:34 | comment | added | David Cary | @GuySirton: While many people would be surprised if it turns out that factoring is NP-hard, is there any proof that factoring is definitely not NP-hard? | |
| Apr 13, 2012 at 15:02 | history | edited | dr jimbob | CC BY-SA 3.0 | added 507 characters in body |
| Apr 13, 2012 at 14:27 | comment | added | dr jimbob | Should not have claimed factoring was NP hard (esp the hard part). Should have said best known (non-quantum computing) algorithms are exponential (really sub-exponential); that is not polynomial time. There isn't a proof showing the P-reducibility to other NP problems like SAT=TSP; partially due to factor not being a decision problem (yes/no answer). The decision problem: does a number N have a factor in the range [2, k] is known to be NP, 2. But P≟NP is unknown. | |
| Apr 13, 2012 at 2:02 | comment | added | Guy Sirton | factoring is not NP hard. It's just there is no known algorithm that can factor in polynomial time but AFAIK no one has proven it can't be done. en.wikipedia.org/wiki/Integer_factorization | |
| Apr 12, 2012 at 23:38 | comment | added | ewanm89 | yeah, just pointing out that bit is also slow. | |
| Apr 12, 2012 at 15:24 | history | edited | dr jimbob | CC BY-SA 3.0 | added 12 characters in body |
| Apr 12, 2012 at 15:23 | comment | added | dr jimbob | @ewanm89 - Yes, we only use likely primes -- but with astronomical odds they actually are prime. With random entropy input the chance of getting a false positive prime in openssl with default settings is 1 in ~2^80 ~ 10^24 So until you check about ~10^23 numbers for primality with overwhelming odds you can assume your numbers are truly prime. E.g., if you check a billion potential primes a second, it will take ~10 million years before you are likely to have a false positive prime in your keypair. Edited for RC4/AES mixup. | |
| Apr 12, 2012 at 12:55 | comment | added | ewanm89 | @drjimbob not to mention key generation, we only use likely primes not guaranteed primes cause of that one :/ | |
| Apr 12, 2012 at 12:54 | comment | added | ewanm89 | RC4, not AES in this particular case, but past the particular symmetric algorithm used.. | |
| Apr 11, 2012 at 14:30 | comment | added | dr jimbob | @Ashwin - As D.W. said, asymmetric cryptography is roughly 10000 times slower/more CPU intensive than using a block cipher. So it makes sense to only transfer enough info to then use the much faster key. | |
| Apr 11, 2012 at 9:34 | comment | added | Ashwin | @D.W. : okay dude.. just chill:) | |
| Apr 11, 2012 at 9:30 | comment | added | D.W. | @Ashwin, yes, I know that's why you did it, but that's not the point. I am explaining that posting the same question multiple times is not appropriate on this site. Please don't. | |
| Apr 11, 2012 at 8:27 | comment | added | Ashwin | @D.W. : I posted the same question multiple times in hope that atleast someone will answer. | |
| Apr 11, 2012 at 4:45 | comment | added | D.W. | P.S. @Ashwin, Please don't post the same comment multiple times under different answers. | |
| Apr 11, 2012 at 4:26 | comment | added | Ashwin | But, why is there a need to use a symetric key. When the data itself can be ncrypted suing the server's public key. In case of user authentication, only the username and password are are needed which is not very long and can be emcrypted directly using a 2048 bit rsa key(with 2048 bit key you can directly encrypt data upto 256 bytes.) | |
| Apr 11, 2012 at 4:08 | comment | added | Ashwin | So the 128 nit encryption is the key for aes encryption but for key exchange 2048 bit rsa key is used right? | |
| Apr 10, 2012 at 16:08 | history | answered | dr jimbob | CC BY-SA 3.0 |