Bugtraq mailing list archives
Re: Non-PK encryption not vulnerable via low key length?!
From: perry () imsi com (Perry E. Metzger)
Date: Sat, 18 Mar 1995 12:07:06 -0500
"John B. Brown" says:
This is the crux of the matter. RC2 and RC4 are _not_ public key systems. They are conventional secret key algorithms, in the same class as DES or IDEA.If they are in the same class as DES, then they are in BIG trouble! The $1M machine proposed by Michael J. Weiner in `Efficient DES Key Search' does in DES in 3.5 hours. according to the 'math'.
Saying that they are conventional cryptosystems like DES does not imply that a the Weiner & Oorschot machine could be used against them. In particuler, specialty DES hardware is useless against other systems, but even more importantly, key length is (potentially) much longer for RC2 and RC4, and every bit added to the key doubles the time for a brute force attack. .pm
Current thread:
- Re: Non-PK encryption not vulnerable via low key length?!, (continued)
- Re: Non-PK encryption not vulnerable via low key length?! sameer (Mar 25)
- Re: Non-PK encryption not vulnerable via low key length?! Software Test Account (Mar 25)
- Re: Non-PK encryption not vulnerable via low key length?! Jake Hill (Mar 17)
- Re: Non-PK encryption not vulnerable via low key length?! John B. Brown (Mar 17)
- GNU finger 1.37 executes ~/.fingerrc with gid root Thomas Roessler (Mar 17)
- Re: GNU finger 1.37 executes ~/.fingerrc with gid root Christian Wettergren (Mar 20)
- cancel subscription Saeid Sadeghi (Mar 20)
- Re: Non-PK encryption not vulnerable via low key length?! Julian Assange (Mar 17)
- nfsbug leaving file systems mounted Dr. Frederick B. Cohen (Mar 18)
- GNU finger 1.37 executes ~/.fingerrc with gid root Thomas Roessler (Mar 17)
- Re: Non-PK encryption not vulnerable via low key length?! John B. Brown (Mar 17)
- Re: Non-PK encryption not vulnerable via low key length?! Perry E. Metzger (Mar 18)