From: Jim Gillogly <jim@ACM.ORG>
Date: Fri, 2 Aug 1996 09:25:07 +0800
To: cypherpunks@toad.com
Subject: Re: Is 1024-bit PGP key enough?
In-Reply-To: <9608012108.AA17627@bart-savagewood.MIT.EDU>
Message-ID: <199608012238.PAA25123@mycroft.rand.org>
MIME-Version: 1.0
Content-Type: text/plain



Somebody says:
>> Is security provided by 1024-bit PGP key sufficient against most powerful
>> computers that are available today? Say if smoe organization spent 10
>> billions of dollars on a cracking machine, would it be possible to crack 
>> the keys in reasonable time?

Derek Atkins <warlord@MIT.EDU> responds with some useful and authoritative
information -- thanks.

But the original author also needs to step back and understand his
security needs.  In particular, if you're trying to protect your
information against an enemy who is willing to spend $10B to get it,
they'll have a lot of options other than hiding in a back room with some
cracking equipment.  Would you be willing to sell them the information
you're trying to protect for (say) 10% of that $10B?  Would your partner?
Your wife?

	Jim Gillogly
	Hevensday, 9 Wedmath S.R. 1996, 22:37