Firewall Wizards mailing list archives
Re: R: strong encryption for Europeans
From: Arjo Mukherjee <mukherjee () ebo dec com>
Date: Tue, 25 Nov 1997 12:29:08 +0100
Hi, Just a comment that I wanted to tag onto this thread. Even though the VPNs are using shorter length keys than some may consider SECURE (eg 40 instead of 128), some of the products are actually exchanging modified keys rather frequently (say in the ballpark of tens of minutes). Hence, it may not be that easy to break. In other words, the keys are not kept constant, thus it makes it a bit harder to crack. Arjo. ---------------------- COMMENTING ON ------------------------- Franco RUGGIERI wrote:
Recently (June and October this year), attacks have been successfully accomplished against DES and RC5 65 bit, by a huge number of computers coordinated via Internet. Since participation in such effort was voluntary, I wouldn't define such coordination as *strict*. Thus, we can assume that a well determined organization would break codes based on keys up to 56 bit in a reasonable amount of time. Therefore I wouldn't recommend VPNs based on such systems (RCx, DES and the likes with *short*keys), unless for what I would dub *minor areas* and for not long lasting applications. This, of course, IMHO. I would appreciate comments (not flames!) on this viewpoint of mine. ------------------------------- Franco RUGGIERI fruggieri () selfin net ----------Da: Martin W Freiss <freiss.pad () sni de> A: kate () forsys msk ru Cc: firewalls () GreatCircle COM; firewall-wizards () nfr net Oggetto: Re: strong encryption for Europeans Data: martedì 28 ottobre 1997 16.42 Hi,I would like to know which options are available to Europeans withregardto strong encryption VPNs. It appears that most of well known firewall vendors are US companies and their VPNs are subjects to US law export restrictions.well, there are European firewall solutions, though they seem to be less well known. Check http://www.swn.sni.be for one solution that does not suffer from US export restrictions. Choice of RC4 and IDEA for VPN,upto 128 bits. (Disclaimer: I work for that company, which makes me biased, so I will not compare this to other products here).Another question: how strong is Check Point's FWZ1 ? What is its key length ? Are there any estimates as to how breakable it is ? Our localFW-1reseller could not enlighten me in the matter.48 Bits for the encryption, if I remember correctly. Not knowing anything more about FWZ1, I won't hazard a guess as to the breakability:)Best regards, -Martin -- Martin Freiss, MF194 | freiss.pad () sni de | http://www.rmi.de/~marvin Siemens Nixdorf, CC IT Networks, Solution Team Internet/Intranet Half male, half e-mail.
Current thread:
- R: strong encryption for Europeans Franco RUGGIERI (Nov 24)
- Re: R: strong encryption for Europeans Andreas Siegert (Nov 25)
- Re: R: strong encryption for Europeans Adam Shostack (Nov 25)
- Re: R: strong encryption for Europeans Perry E. Metzger (Nov 25)
- Re: R: strong encryption for Europeans Adam Shostack (Nov 25)
- Re: R: strong encryption for Europeans Adam Shostack (Nov 25)
- Re: R: strong encryption for Europeans Martin W Freiss (Nov 25)
- Re: R: strong encryption for Europeans Andreas Siegert (Nov 25)
- Re: R: strong encryption for Europeans Arjo Mukherjee (Nov 25)
- Re: R: strong encryption for Europeans Bennett Todd (Nov 25)
- Re: R: strong encryption for Europeans Ted Doty (Nov 25)
- <Possible follow-ups>
- Re: R: strong encryption for Europeans Chris Lonvick (Nov 24)
- Re: R: strong encryption for Europeans lum (Nov 25)
- Re: R: strong encryption for Europeans Bennett Todd (Nov 25)
- Re: R: strong encryption for Europeans lum (Nov 25)