[108127] in Cypherpunks
Re: CDR: Nasty rumor?
daemon@ATHENA.MIT.EDU (Steve Mynott)
Fri Feb 5 10:07:17 1999
Date: Fri, 5 Feb 1999 14:56:17 +0000
From: Steve Mynott <steve@tightrope.demon.co.uk>
To: "Brown, R Ken" <brownrk1@texaco.com>
Cc: scoops <scoops@quiknet.com>,
"'cypherpunks@ssz.com'" <cypherpunks@einstein.ssz.com>
In-Reply-To: <896C7C3540C3D111AB9F00805FA78CE20313FC1E@MSX11002>; from Brown, R Ken on Fri, Feb 05, 1999 at 05:34:18AM -0600
Reply-To: Steve Mynott <steve@tightrope.demon.co.uk>
On Fri, Feb 05, 1999 at 05:34:18AM -0600, Brown, R Ken wrote:
> Crude rule of thumb - CPU speed doubles every 18 months, but so does memory
> & other things so assume the best cracking machines double in ability in
> about 9 months (in other words all keys become, in effect, 1 bit weaker
> every 9 months). So 16 times in 3 years. If They really are 6 years ahead
> of the pack then Their ability to do brute force cracks will be about 256
> times yours (assuming "you" are a large corporation or university with
> super-computing power...). So if you can do 40-bit it is a safe bet They can
> do 56 pretty easily. As 56-bit is now quite doable privately we can assume
> that They are somewhere in the 70-80 bit range. Add a few bits on for a
Of course the NSA's SKIPJACK had a 80-bit key so maybe this is something
like their brute force "state of the art"?
> safety factor (They employ some very clever people who might have thought of
> tricks you don't know about),
> and round up to the next convenient power of 2 (we want to be able to write
> down stuff in hex to show off how cool and cyber we are) and you get 128
> keys. Which is the minimum you should be using if you really want to stop
> other people reading your data.
--
1024/D9C69DF9 steve mynott steve@tightrope.demon.co.uk http://www.pineal.com/
why shouldn't truth be stranger than fiction? fiction, after all,
has to make sense. -- mark twain
