Educause Security Discussion mailing list archives
Re: Policy / Cryptography advice needed.
From: "Jeffrey I. Schiller" <jis () MIT EDU>
Date: Mon, 1 Aug 2005 16:53:52 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am not a cryptographer, but I have hung out with them for a long time :-) James H Moore wrote:
? strong encryption should be used, examples are RC4 at 128bits, 3DES, AES, or PGP 1024 bits (should this be 2048?).
With PGP there are really two different ciphers in use. The symmetric one and the asymmetric one (aka RSA or DH). In general PGP will only use a strong symmetric cipher (though exactly which one is uses depends on the key(s) of the recipients. As for RSA or DH keys, 1024 is more then enough strength for most people (1024 bit RSA keys have not been cracked by either hardware nor software). In general people use 2048 bit keys because they can and it gives you a large safety margin (a 1024 bit RSA key *may* be cracked in the next 5 to 10 years, but a 2048 bit key will not likely, unless RSA itself falls). Diffie-Hellman (really the El-Gamal variant) tends to be stronger for the same key length. The riskiest cipher listed above is RC4 (independent of key length).
(What about Blowfish, TwoFish strengths?)
These should be fine for most applications. National Security work might want to avoid Blowfish (because of short key length).
? what is not acceptable 40-bit RC4 or DES, unless used on a proxy server as a gateway to international campuses, and then only for the individuals located in or with frequent travel to export controlled countries.
There is a big difference between RC4-40 and DES. RC4-40 can be cracked with commodity PC's in reasonable time. DES cannot. DES has been brute forced with the aid of thousands of dollars of special purpose hardware. If some needs to use "export" grade software, they are much better off with DES then with RC4-40. In general people are badmouthing DES because new systems (which may be around for 30+ years) should really avoid it. However it is fine today for most "commercial" grade information. Most banking networks still use DES to protect financial transactions. As a practical matter, bad guys will use the weakest link to get into systems and going after your servers is still much easier that cracking any of the ciphers listed here (except perhaps RC4-40). -Jeff - -- ============================================================================ Jeffrey I. Schiller MIT Network Manager Information Services and Technology Massachusetts Institute of Technology 77 Massachusetts Avenue Room W92-190 Cambridge, MA 02139-4307 617.253.0161 - Voice jis () mit edu =========================================================================== -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC7ove8CBzV/QUlSsRAppoAKD+5elpTBVV9WwykFn41Qp7F44hywCgyZDH EmDy8n51pU9QswpoS6oq9dI= =RUYo -----END PGP SIGNATURE-----
Current thread:
- Policy / Cryptography advice needed. James H Moore (Aug 01)
- <Possible follow-ups>
- Re: Policy / Cryptography advice needed. Jeffrey I. Schiller (Aug 01)