From: Derek Atkins <warlord@MIT.EDU>
Date: Fri, 9 Feb 1996 02:16:11 +0800
To: cypherpunks@toad.com
Subject: Re: Report available: "Minimal Key Lengths for Symmetric Ciphers"
In-Reply-To: <199602081528.KAA11525@light.lightlink.com>
Message-ID: <199602081734.MAA06454@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> want you to only use 90 bits for your keys and why they've never heard
> of PGP...
> 
> Anyone who listens to crypto advice from people who's purpose in life
> is to listen to *YOU* gets what they deserve. I'll stay with PGP which
> has a 2048 bit key.

The 90-bit key length is for secret key ciphers, not public key
ciphers.  There is a conversion metric for public key ciphers based
upon the difficulty of breaking the cipher.

For example, a 1024 bit RSA key is about 85 bits of security, which is
below the 90-bit limit they are proposing.  The 90-bits of security
does not mean you are limited to a 90-bit RSA key.

-derek