1997-01-08 - Re: Relative Strength of 40-bit Crypto Implementations

Header Data

From: Bill Frantz <frantz@netcom.com>
To: Vin McLellan <cypherpunks@toad.com
Message Hash: 3512103605e8fa63f40ab8211074bb55cf0ea9107e6bbf9b4c1f5a0693b4003c
Message ID: <v03007821aef8e73f9440@[207.93.129.86]>
Reply To: <3.0.32.19970107003544.006c2808@192.100.81.126>
UTC Datetime: 1997-01-08 06:56:36 UTC
Raw Date: Tue, 7 Jan 1997 22:56:36 -0800 (PST)

Raw message

From: Bill Frantz <frantz@netcom.com>
Date: Tue, 7 Jan 1997 22:56:36 -0800 (PST)
To: Vin McLellan <cypherpunks@toad.com
Subject: Re: Relative Strength of 40-bit Crypto Implementations
In-Reply-To: <3.0.32.19970107003544.006c2808@192.100.81.126>
Message-ID: <v03007821aef8e73f9440@[207.93.129.86]>
MIME-Version: 1.0
Content-Type: text/plain


At 01:29 AM 1/7/97 -0500, Vin McLellan wrote:
>	A client asked me today about where he could find evidence of the
>relative strength of different encryption algorithms, when all are
>restricted to 40-bit keys.  He assumed dot-Gov was going to restrict his
>export product to the 40-bit limit, but he wanted to provide the strongest
>security he could within that limitation.

A cypher with a long key setup schedule, such as Blowfish, would be more
resistant to brute force attacks.  (Blowfish requires 500+ encryptions to
set up the key schedule.  This should be similar to adding 9 bits to the
key size.)  While I think Blowfish is good in this respect, one must be
careful to avoid systems, such as DES, which are subject to Peter Trei's
"gray code" techniques.


-------------------------------------------------------------------------
Bill Frantz       | Client in California, POP3 | Periwinkle -- Consulting
(408)356-8506     | in Pittsburgh, Packets in  | 16345 Englewood Ave.
frantz@netcom.com | Pakistan. - me             | Los Gatos, CA 95032, USA







Thread