Firewall Wizards mailing list archives
Re: R: strong encryption for Europeans
From: Ted Doty <ted () iss net>
Date: Tue, 25 Nov 1997 08:27:48 -0500
At 09:09 PM 11/24/97 +0100, Franco RUGGIERI wrote:
Thus, we can assume that a well determined organization would break codes based on keys up to 56 bit in a reasonable amount of time. Therefore I wouldn't recommend VPNs based on such systems (RCx, DES and the likes with *short*keys), unless for what I would dub *minor areas* and for not long lasting applications. This, of course, IMHO. I would appreciate comments (not flames!) on this viewpoint of mine.
This is precisely what Blaze et al. recommended at the beginning of 1996. See http://www.counterpane.com/keylength.html The recommendation is 75 bit keylengths to protect current information, and 90 bits to protect information that will remain sensitive for 20 years. Note that this is to protect you from well funded, large commercial organizations or governments. Mr. Ruggieri's suggestion that 56 bits is insufficient seems more than reasonable, if you're worried about these people. Note that large classes of attackers will not have those resources, so lesser key lengths will provide adequate protection from them. 56 bits are likely good enough to protect against the casual browser. Bottom line: you need to know who to defend against, or you need to over design your system. - Ted -------------------------------------------------------------- Ted Doty, Internet Security Systems | Phone: +1 770 395 0150 41 Perimeter Center East | Fax: +1 770 395 1972 Atlanta, GA 30346 USA | Web: http://www.iss.net -------------------------------------------------------------- PGP key fingerprint: 362A EAC7 9E08 1689 FD0F E625 D525 E1BE
Current thread:
- R: strong encryption for Europeans Franco RUGGIERI (Nov 24)
- Re: R: strong encryption for Europeans Andreas Siegert (Nov 25)
- Re: R: strong encryption for Europeans Adam Shostack (Nov 25)
- Re: R: strong encryption for Europeans Perry E. Metzger (Nov 25)
- Re: R: strong encryption for Europeans Adam Shostack (Nov 25)
- Re: R: strong encryption for Europeans Adam Shostack (Nov 25)
- Re: R: strong encryption for Europeans Martin W Freiss (Nov 25)
- Re: R: strong encryption for Europeans Andreas Siegert (Nov 25)
- Re: R: strong encryption for Europeans Arjo Mukherjee (Nov 25)
- Re: R: strong encryption for Europeans Bennett Todd (Nov 25)
- Re: R: strong encryption for Europeans Ted Doty (Nov 25)
- <Possible follow-ups>
- Re: R: strong encryption for Europeans Chris Lonvick (Nov 24)
- Re: R: strong encryption for Europeans lum (Nov 25)
- Re: R: strong encryption for Europeans Bennett Todd (Nov 25)
- Re: R: strong encryption for Europeans lum (Nov 25)