1994-07-06 - Re: Windows for Workgroups 3.11

Header Data

From: Adam Shostack <adam@bwh.harvard.edu>
To: mmarkley@microsoft.com (Mike Markley)
Message Hash: 3001bf9b5667a01e7fe9c3433d97bd86adbe2db317ed49701426b0631566c521
Message ID: <199407061951.PAA14548@miles.bwh.harvard.edu>
Reply To: <9407061641.AA00597@netmail2.microsoft.com>
UTC Datetime: 1994-07-06 19:54:17 UTC
Raw Date: Wed, 6 Jul 94 12:54:17 PDT

Raw message

From: Adam Shostack <adam@bwh.harvard.edu>
Date: Wed, 6 Jul 94 12:54:17 PDT
To: mmarkley@microsoft.com (Mike Markley)
Subject: Re: Windows for Workgroups 3.11
In-Reply-To: <9407061641.AA00597@netmail2.microsoft.com>
Message-ID: <199407061951.PAA14548@miles.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain

Mike Markley wrote:

| I'll definitely agree that for something as binding as a signature that 
| I would want to have a very large key. For daily communication it seems 
| that fairly weak keys should be more than adequate as long as they 
| can't be broken in a reasonable amount of time. I'm  interested in what 
| most of the people on this list would consider a reasonable amount of 
| time though. It seems that the average person doesn't have adversaries 

	Depends on whats going to be protected.  Medical records,
trade secrets, stuff like that, you want to stay private for at least
150-200 years, until all the participants are dead.  Most stuff I
encrypt?  50-100 years would cover it, but I expect the cost of
decrypting will drop durring that time due to algorithmic

	I prefer to waste a few seconds encrypting well, rather than
encrypting poorly.  My time is not so valuable that I gain much from
the seconds saved in a 384 bit key.


Adam Shostack 				       adam@bwh.harvard.edu

Politics.  From the greek "poly," meaning many, and ticks, a small,
annoying bloodsucker.