[108120] in Cypherpunks
RE: CDR: Nasty rumor?
daemon@ATHENA.MIT.EDU (Brown, R Ken)
Fri Feb 5 06:49:16 1999
From: "Brown, R Ken" <brownrk1@texaco.com>
To: scoops <scoops@quiknet.com>,
"'cypherpunks@ssz.com'"
<cypherpunks@einstein.ssz.com>
Cc: cypherpunks@einstein.ssz.com
Date: Fri, 5 Feb 1999 05:34:18 -0600
Reply-To: "Brown, R Ken" <brownrk1@texaco.com>
> Tom Vogt[SMTP:tv@wlwonline.de] wrote:
>
> nsa has had a policy to stay ahead of "current technology"
> by 5 to 10 years for pretty much all it's life. that means they
> can easily crack what is possible to crack, say using
> distributed.net, today with a portion of the effort.
> which gives you reason to not use 40-bit keys any longer,
> but it's far from the magic the paranoid talk about.
No - it gives you a reason not to use 56-bit keys any longer & to think
seriously about what applications you are willing to use 128-bit keys for.
Exhaustive searching for a 40-bit key is now in the homebrew universe.
Crude rule of thumb - CPU speed doubles every 18 months, but so does memory
& other things so assume the best cracking machines double in ability in
about 9 months (in other words all keys become, in effect, 1 bit weaker
every 9 months). So 16 times in 3 years. If They really are 6 years ahead
of the pack then Their ability to do brute force cracks will be about 256
times yours (assuming "you" are a large corporation or university with
super-computing power...). So if you can do 40-bit it is a safe bet They can
do 56 pretty easily. As 56-bit is now quite doable privately we can assume
that They are somewhere in the 70-80 bit range. Add a few bits on for a
safety factor (They employ some very clever people who might have thought of
tricks you don't know about),
and round up to the next convenient power of 2 (we want to be able to write
down stuff in hex to show off how cool and cyber we are) and you get 128
keys. Which is the minimum you should be using if you really want to stop
other people reading your data.
Ken
