From: Ben Holiday <ncognito@gate.net>
Date: Wed, 5 Jun 1996 17:06:38 +0800
To: Declan McCullagh <declan@well.com>
Subject: Re: How to explain crypto?
In-Reply-To: <v01510100adda3101165c@[204.62.128.229]>
Message-ID: <Pine.A32.3.93.960604185950.36410A-100000@seminole.gate.net>
MIME-Version: 1.0
Content-Type: text/plain


Im quoting directly from the PGP manual from pgp2.6.2:

"People who work in factoring research say that the workload to
exhaust all the possible 128-bit keys in the IDEA cipher would
roughly equal the factoring workload to crack a 3100-bit RSA key,
which is quite a bit bigger than the 1024-bit RSA key size that most
people use for high security applications..."

If we take phil at his word, I would say that comparing 90bit symetric to
1024bit RSA would be a bit generous to RSA. 

On Tue, 4 Jun 1996, Declan McCullagh wrote:

>   "The 1024 bit key is likely an RSA key, and is not comperable to a 40 bit
>   symetric key.  From memory, 1024 bit RSA is about as hard to crack as 90
>   bit symetric."
> 
> Is this a reasonable comparison?
> 
> -Declan
> 
>