1993-04-20 - Re: Is 40 bits too little?

Header Data

From: wcs@anchor.ho.att.com
To: cypherpunks@toad.com
Message Hash: 66ba24ed1ec091fac81659b71b0c5136ccdf940f6054884ff32da959a812b930
Message ID: <9304200435.AA00977@anchor.ho.att.com>
Reply To: N/A
UTC Datetime: 1993-04-20 04:35:53 UTC
Raw Date: Mon, 19 Apr 93 21:35:53 PDT

Raw message

From: wcs@anchor.ho.att.com
Date: Mon, 19 Apr 93 21:35:53 PDT
To: cypherpunks@toad.com
Subject: Re:  Is 40 bits too little?
Message-ID: <9304200435.AA00977@anchor.ho.att.com>
MIME-Version: 1.0
Content-Type: text


h
Yes, 40 bits would be too little, especially since you can probably tell
if you've got the correct key by the form of the data, but they're actually
generating your 80-bit key as the XOR of two other 80-bit numbers,
and searching 2**80 still takes reasonably long.  Unfortunately,
the method of generating the two 80-bit numbers is disturbingly suspect;
see articles in sci.crypt and alt.privacy.clipper posted by Steve Bellovin
and somebody with email from Martin Hellman and Dorothy Denning.
			Bill Stewart




Thread