Negative externalities of key cracking

| Comments (0) | COMSEC
Aside from being kind of pointless, Terence Spies pointed out to me today that there's a real negative externality to an attempt to crack Gpcode's RSA key. Once you've bothered to build a big distributed RSA key cracking system (this assumes of course that this is practical, which isn't clear), there's a temptation to use it, and there are lots of 1024-bit and smaller RSA keys floating around in the world. It's not at all clear that the benefit from cracking the public key used for a single piece of ransomware exceeds the cost of a crack of long-term keys used for legitimate purposes.

Leave a comment