[49565] in Cypherpunks
Re: Report available: "Minimal Key Lengths for Symmetric Ciphers"
daemon@ATHENA.MIT.EDU (Richard J. Coleman)
Thu Feb 8 20:04:58 1996
To: cypherpunks@toad.com
In-Reply-To: Your message of "Thu, 08 Feb 1996 10:28:27 EST."
<199602081528.KAA11525@light.lightlink.com>
Date: Thu, 08 Feb 1996 19:57:37 -0500
From: "Richard J. Coleman" <coleman@math.gatech.edu>
> I downloaded this so-called "report". It doesn't even mentions PGP.
> Gotta wonder why the 007 wannabe "experts" and the Big Business (BSA)
> want you to only use 90 bits for your keys and why they've never heard
> of PGP...
>
> Anyone who listens to crypto advice from people who's purpose in life
> is to listen to *YOU* gets what they deserve. I'll stay with PGP which
> has a 2048 bit key.
The group of 7 in question are definitely not `wannabes'. They are
about as knowledgeable a group as you could find outside of the NSA.
The report discussed the length of key needed for *symmetric*
crytosystems. As this pertains to PGP, it uses a 128 bit session key
for the IDEA symmetric algorithm. Not 2048.
Their recommendation was for a *minimum* of 90 bit keys for data
that must remain private for any length of time. Given the calculations
they stated, this seems reasonable.
Richard Coleman
coleman@math.gatech.edu