From: Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>
Date: Fri, 8 Sep 95 10:43:41 PDT
To: cypherpunks@toad.com
Subject: 64-bit GAK && 128-bit hashes
Message-ID: <9509081743.AA03448@ch1d157nwk>
MIME-Version: 1.0
Content-Type: text/plain


The recent guidelines for proposed export regulations from NIST include  
64-bit keys and several people here have commented that this implies NSA  
ability to brute-force 64-bit keys now or in the near future ("belt and  
suspenders").  How does this bode for 128-bit hash functions such as MD5?  If  
64-bit encryption algorithms can be brute-forced, could birthday attacks and  
the like on 128-bit hashes be feasable as well?  Perhaps the crypto community  
should start serously considering moving away from MD5 and towards 160-bit  
hashes such as SHA or even 256-bits...


andrew