From: Declan McCullagh <declan@well.com>
To: jim bell <jimbell@pacifier.com>
Message Hash: 3baba82fd819e4a5899a49079017919d5add78bc92476e39e1e2e78460095365
Message ID: <Pine.3.89.9606040505.A13202-0100000@well>
Reply To: <199606040610.XAA02467@mail.pacifier.com>
UTC Datetime: 1996-06-04 17:54:09 UTC
Raw Date: Wed, 5 Jun 1996 01:54:09 +0800
From: Declan McCullagh <declan@well.com>
Date: Wed, 5 Jun 1996 01:54:09 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: CWD: "Jacking in from the "One that Got Away" Port
In-Reply-To: <199606040610.XAA02467@mail.pacifier.com>
Message-ID: <Pine.3.89.9606040505.A13202-0100000@well>
MIME-Version: 1.0
Content-Type: text/plain
Yeah, we fucked up here and are getting rightfully flamed.
A more accurate way to say this would be something like:
1024-bit RSA is as hard to crack as three nested iterations of 56-bit DES.
The key length for symmetric-key cryptosystems isn't comparable to the key
length for public key cryptosystems.
And now that I'm at it, I'm now told that it was a Captain Marvel decoder
ring.
Apologies, all.
-Declan
> > That key length stuff is just so much gibberish to those playing
> > without a scorecard, so let me drill down on it for you. Basically,
> > the longer the key length, the harder it is for a message to be broken
> > by "brute force" automated attacks. Current U.S. laws prohibit the
> > export of any encryption device with a key length longer than 40-bits,
> > or roughly the equivalent of Captain Crunch decoder ring. For hardcore
> > math types, I'm told that a 1024-bit key length is 10 to the 296th
> > power more difficult to break than 40 bits.
>
> I sure do wish they'd get things like this a bit more accurate... Oh, well,
> I suppose it doesn't really matter...
>
>
> Jim Bell
> jimbell@pacifier.com
>
Return to June 1996
Return to ““Perry E. Metzger” <perry@piermont.com>”