1995-08-22 - Why 64 bit keys?

Header Data

From: JMKELSEY@delphi.com
To: cypherpunks@toad.com
Message Hash: 3678a51bd3d53f863e7bac5366711e4b0ddb7fe4cd6258704a2301a2d761e861
Message ID: <01HUCIWH37YW8ZEX8O@delphi.com>
Reply To: N/A
UTC Datetime: 1995-08-22 00:18:13 UTC
Raw Date: Mon, 21 Aug 95 17:18:13 PDT

Raw message

From: JMKELSEY@delphi.com
Date: Mon, 21 Aug 95 17:18:13 PDT
To: cypherpunks@toad.com
Subject: Why 64 bit keys?
Message-ID: <01HUCIWH37YW8ZEX8O@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Sat, 19 Aug 1995 15:13:35 -0400
>From: shamrock@netcom.com (Lucky Green)
>Subject: Re: 64 bit keys breakable by the NSA or just some random key length?

>I think the obvious conclusion would be because 64bits is crackable
>if need be and if you have the resources the goverment has. Not for
>routine monitoring of undesirables, but for those special cases
>where they don't want to expose their activities by requesting a
>warrant.

I think it's much more important to the powers that be (and that
eavesdrop) that a key of up to 64 bits includes DES, which means
that lots of system designers will use DES instead of (say) 3DES,
IDEA, or Blowfish.  It's virtually certain that NSA and others have
built keysearch machines for DES.  This gives NSA, et. al., a way
around the key escrow scheme when they want it.  Better yet, NSA
can tell the FBI and BATF and such agencies where to find the
technical papers on how to build one, without releasing any
highly-classified information--those agencies can hire someone to
build them one.  This also keeps NSA from having to dirty its hands
with law-enforcement surveilance.

Of course, it will be interesting to see whether pressure is
applied to keep people from offering "nonstandard" ciphers,
especially things like Blowfish and SEAL, which have key scheduling
algorithms that need a lot of memory and time. It's really only
practical to build keysearch machines for very commonly used
ciphers, and even then, it may be complicated. (For example,
imagine a DES variant whose key schedule required several
exponentiations modulo some 1024-bit prime.)

>- -- Lucky Green <mailto:shamrock@netcom.com>
>   PGP encrypted mail preferred.

   --John Kelsey, jmkelsey@delphi.com
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMDgfl0Hx57Ag8goBAQFa0gP/azECjB06onhSYTvLjkM2I7y2tOpC2BaB
RACVMQn+Z5kVGaDM47eIM1TlRnIMlnEucuLryvqR3fMDCt6g90oDXe3rziWJedbH
PxXYqgkPu1MmRfep+JWrtQ4wWsXxbPa10spTDFa8vKlGDcoohWU0W5ypgr454tlh
KKPaC345vqQ=
=td/F
-----END PGP SIGNATURE-----





Thread