1996-08-02 - Re: Is 1024-bit PGP key enough?

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: “Geoffrey C. Grabow” <gcg@pb.net>
Message Hash: ddc22761dff5615e7453ca94444d0010206da0dead41e6f50607ee4d7cccbc32
Message ID: <199608020836.BAA05655@toad.com>
Reply To: N/A
UTC Datetime: 1996-08-02 13:48:45 UTC
Raw Date: Fri, 2 Aug 1996 21:48:45 +0800

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 2 Aug 1996 21:48:45 +0800
To: "Geoffrey C. Grabow" <gcg@pb.net>
Subject: Re: Is 1024-bit PGP key enough?
Message-ID: <199608020836.BAA05655@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:16 PM 8/1/96 -0400, "Geoffrey C. Grabow" <gcg@pb.net> wrote:
>Also, remember that although the PGP key is 1024 bits, it generates a much
>smaller IDEA key with 56 bits (I think... anyone?).  The 56 bit key is
>vunerable to that $1 mil mystery machine that the NSA may or may not have.

The PGP RSA keysize is user-selectable.
The IDEA key is not 56 bits (that's DES) - it's 128 bits,
and remember that you currently need to use brute force keysearch on it,
unlike RSA keys which have to be much longer because they 
have special forms and can be cracked by prime-number searching,
which is a much faster process that doesn't have to try
anything near to every 1024-bit number.

As somebody else pointed out, the 128-bit IDEA key is about as 
strong as a 3000-bit RSA key - though that was before the latest
factoring algorithm was demonstrated to work so well,
which means that it's probably about as strong as a 4-5000-bit RSA key.

> | That which does not kill us, makes us stranger.   - Trevor Goodchild |
:-)
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# <A HREF="http://idiom.com/~wcs"> 
#			Dispel Authority!






Thread