From: Adam Shostack <adam@homeport.org>
To: whallen@capitalnet.com (Wayne H. Allen)
Message Hash: 34b2417211582ab9cad78082965a6dbed78fda249bfeaa491cf5292346a49c94
Message ID: <199607220125.UAA21460@homeport.org>
Reply To: <199607212302.TAA08173@ginger.capitalnet.com>
UTC Datetime: 1996-07-22 02:43:36 UTC
Raw Date: Mon, 22 Jul 1996 10:43:36 +0800
From: Adam Shostack <adam@homeport.org>
Date: Mon, 22 Jul 1996 10:43:36 +0800
To: whallen@capitalnet.com (Wayne H. Allen)
Subject: Re: Length of passphrase beneficial?
In-Reply-To: <199607212302.TAA08173@ginger.capitalnet.com>
Message-ID: <199607220125.UAA21460@homeport.org>
MIME-Version: 1.0
Content-Type: text
Wayne H. Allen wrote:
| At 15:38 96.07.21 -0500, Adam Shostack wrote:
| >
| >Erle Greer wrote:
|
|
| > I think its a poor assumption that your home won't be searched
| >if you're doing something that makes you want a 2048 bit key.
|
| Your kidding, because someone set up PGP to a large key your assuming
| their doing wrong and the guy's going to get busted. Wow. I set up a long
| key myself but never have used the silly thing, that mean I'm guilty too.
| (Gotta go, a black helecopter just landed in the back yard)
No, I said 'home won't be searched.' I don't know why you
assumed that I meant the LEAs would get a warrant and bust somone. If
you want a 2048 bit key because it makes you feel warm and fuzzy,
fine. If you're also using a random passphrase, I think its fair to
assume that you have a threat in mind.
| > A
| >thousand bits of keylength should be good enough for most things that
| >don't need to stay secret more than 5-10 years.
| >
| Not if he keeps the passphrase to the key availiable to all. The original
| poster did mention it was to only his wife at home who was a risk. A psudo-
| random alph-nummeric key of the size he claims can't be memorized so it has
I disagreed with that assesment. Breaking into a home is easy.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
Return to July 1996
Return to ““Wayne H. Allen” <whallen@capitalnet.com>”