1996-07-10 - Re: A case for 2560 bit keys

Header Data

From: jim bell <jimbell@pacifier.com>
To: “David F. Ogren” <cypherpunks@toad.com
Message Hash: f04a30360555af1015ff234cb6e3f404ead93868b9c68f0e5fdd3bccddcb6dd8
Message ID: <199607092058.NAA05528@mail.pacifier.com>
Reply To: N/A
UTC Datetime: 1996-07-10 03:24:30 UTC
Raw Date: Wed, 10 Jul 1996 11:24:30 +0800

Raw message

From: jim bell <jimbell@pacifier.com>
Date: Wed, 10 Jul 1996 11:24:30 +0800
To: "David F. Ogren" <cypherpunks@toad.com
Subject: Re: A case for 2560 bit keys
Message-ID: <199607092058.NAA05528@mail.pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:09 PM 7/8/96 -0400, David F. Ogren wrote:

>And so we have to ask ourselves, why _not_ use a 2047+ bit key.  It has 
>greater longevity and greater security.  Why not be overcautious when 
>the cost is so small?

I don't think it's going to make a great deal of difference.  We've "all" 
shifted to 1024-bit keys, even though it's unlikely anybody will have the 
resources to crack them for decades if not centuries.  And the moment any 
government prosecutes anyone with information obtained by a decrypt of a 
1024-bit key, the (then) stragglers will join the rest of us at 1500 or 
2000+.  The government knows this and there's nothing it can do about it, 
except possibly for GAK and it isn't making much headway in that.

The most negative part of a long key is the false sense of security it may 
engender in the weak-minded:  All key sizes are equally insecure from a 
computer black-bag job or a specially-engineered virus.  If you're really 
interested in your future security, probably the best thing you can do is to 
convince Congress to write legislation to ban negotiations and/or treaties 
with other countries which in any way ban or restrict encryption, preventing 
Klinton from doing an end-run around the Bill of Rights with regard to the 
1st amendment.

Maybe it's just too much of a wish-list item, but a I'd like to see a legal 
prohibition on the government attempting to decrypt any information that it 
didn't (legally; with authorization) have the key to when it collected that 
information.

Jim Bell
jimbell@pacifier.com





Thread