1994-07-06 - Re: Windows for Workgroups 3.11

Header Data

From: Mike Markley <mmarkley@microsoft.com>
To: cypherpunks@toad.com
Message Hash: bec2df1dfa9fae22a58d85b0606df062cc8b93a13418c4bb66e2f0836193c776
Message ID: <9407061641.AA00597@netmail2.microsoft.com>
Reply To: N/A
UTC Datetime: 1994-07-06 17:39:52 UTC
Raw Date: Wed, 6 Jul 94 10:39:52 PDT

Raw message

From: Mike Markley <mmarkley@microsoft.com>
Date: Wed, 6 Jul 94 10:39:52 PDT
To: cypherpunks@toad.com
Subject: Re: Windows for Workgroups 3.11
Message-ID: <9407061641.AA00597@netmail2.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


Perry says:

|
| Mike Markley says:
| > The 129 digit key was broken in 8 calendar months and not 8 CPU months,
| > correct? If so then for most purposes a 129 digit key is more than
| > adequate. If you are faxing a contract to someone then if the deal
| > isn't signed in 8 months the odds are that information about it will
| > leak from a different source than your fax.
|
| This isn't true. If you are signing the contract digitally, for
| instance, you would want to be sure that no one could forge your
| signature to change the terms after the fact -- a few months isn't
| enough for such purposes, only something that will last for fifteen or
| twenty years is okay.
|
| Perry
|

I'll definitely agree that for something as binding as a signature that 
I would want to have a very large key. For daily communication it seems 
that fairly weak keys should be more than adequate as long as they 
can't be broken in a reasonable amount of time. I'm  interested in what 
most of the people on this list would consider a reasonable amount of 
time though. It seems that the average person doesn't have adversaries 
with the know-how and computing power to break even a 64 digit key let 
alone a 129 digit key. Consider the group of people that broke the RSA 
key, they would not fit the profile of the average person, let alone 
the average computer user. I doubt if the local police department here 
could convince the NSA that they need to crack my e-mail because I 
might be conspiring to commit some illegal act and I doubt that they 
could put my e-mail out on the net saying, "here's some encoded data, 
does anybody know what it says?" Right now that's the only two ways 
that I could think of for someone to get some encrypted data unencrypted.

Mike

=====================================================

Mike Markley <mmarkley@microsoft.com>

I'm not a Microsoft spokesperson. All opinions expressed here are mine.

=====================================================





Thread