Firewall Wizards mailing list archives

Re: R: strong encryption for Europeans


From: Ted Doty <ted () iss net>
Date: Tue, 25 Nov 1997 08:27:48 -0500

At 09:09 PM 11/24/97 +0100, Franco RUGGIERI wrote:
                                             Thus, we can assume that a
well determined organization would break codes based on keys up to 56 bit
in a reasonable amount of time. Therefore I wouldn't recommend VPNs based
on such systems (RCx, DES and the like with *short* keys), unless for what
I would dub *minor areas* and for not long lasting applications.
This, of course, IMHO. I would appreciate comments (not flames!) on this
viewpoint of mine.

This is precisely what Blaze et al. recommended at the beginning of 1996.  See
http://www.counterpane.com/keylength.html

The recommendation is 75 bit keylengths to protect current information, and 90
bits to protect information that will remain sensitive for 20 years.

Note that this is to protect you from well funded, large commercial
organizations or governments.  Mr. Ruggieri's suggestion that 56 bits is
insufficient seems more than reasonable, if you're worried about these people.

Note that large classes of attackers will not have those resources, so
lesser key lengths will provide adequate protection from them.  56 bits are
likely good enough to protect against the casual browser.

Bottom line: you need to know who to defend against, or you need to
overdesign your system.

- Ted

--------------------------------------------------------------
Ted Doty, Internet Security Systems | Phone: +1 770 395 0150
41 Perimeter Center East            | Fax:   +1 770 395 1972
Atlanta, GA 30346  USA              | Web: http://www.iss.net
--------------------------------------------------------------
PGP key fingerprint: 362A EAC7 9E08 1689  FD0F E625 D525 E1BE


