[91] in 6.033 discussion


key length

littlitt@ATHENA.MIT.EDU (littlitt@ATHENA.MIT.EDU)
Wed Mar 20 17:29:05 1996

Hello all,

Today in lecture Prof. Kaashoek discussed DES and RSA and touched upon
issues of key length. I thought I would point out that a group of
well-respected cryptographers (including Ron Rivest from MIT) recently
came up with a document about key length and security. Below is an
interesting excerpt from their document. The full document can be
found at:

ftp://ftp.research.att.com/dist/mab/keylength.txt

Note that these key lengths are for symmetric (private key) ciphers
such as DES, and not for public key systems such as RSA. (With RSA the
public key needs to be long enough such that the attacker cannot
find the two prime factors of the key. This leads to lengths near 1000
bits.) The prices below are estimates for brute force attacks. (Trying
out all possible keys.) Remember that DES uses 56 bit keys.

Also note that the U.S. Government currently does not grant export
licenses for cryptographic software that uses key lengths longer than
40 bits.

-jon

-------------------

                                           Time and cost         Length Needed
Type of         Budget      Tool         per key recovered       for protection
Attacker                                40bits       56bits      in Late 1995

Pedestrian Hacker

                tiny       scavenged    1 week       infeasible        45
                           computer
                           time

                $400       FPGA        5 hours       38 years          50
                                       ($0.08)       ($5,000)

Small Business

               $10,000     FPGA       12 minutes     556 days          55
                                       ($0.08)       ($5,000)

Corporate Department

                $300K      FPGA       24 seconds     19 days           60
                            or          ($0.08)      ($5,000)
                           ASIC      .18 seconds     3 hours
                                       ($0.001)       ($38)

Big Company

                $10M       FPGA      .7 seconds      13 hours          70
                            or         ($0.08)       ($5,000)
                           ASIC     .005 seconds    6 minutes
                                       ($0.001)        ($38)

Intelligence Agency

                $300M      ASIC      .0002 seconds   12 seconds        75
                                        ($0.001)        ($38)
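
Added example (not part of the original post or of the cited document): a consistency check that each 56-bit time in the table is about 2^16 times the 40-bit time, which is what exhaustive key search implies for 16 extra key bits. The row values are transcribed from the table above; the function names are hypothetical.

```python
import math
import re

# Seconds per unit, for the duration strings used in the table.
UNIT_SECONDS = {
    "second": 1.0, "minute": 60.0, "hour": 3600.0,
    "day": 86400.0, "week": 7 * 86400.0, "year": 365.25 * 86400.0,
}

# (attacker, tool, 40-bit time, 56-bit time), transcribed from the table above.
ROWS = [
    ("Pedestrian Hacker", "FPGA", "5 hours", "38 years"),
    ("Small Business", "FPGA", "12 minutes", "556 days"),
    ("Corporate Department", "FPGA", "24 seconds", "19 days"),
    ("Corporate Department", "ASIC", ".18 seconds", "3 hours"),
    ("Big Company", "FPGA", ".7 seconds", "13 hours"),
    ("Big Company", "ASIC", ".005 seconds", "6 minutes"),
    ("Intelligence Agency", "ASIC", ".0002 seconds", "12 seconds"),
]

def to_seconds(text):
    """Parse a duration such as '.18 seconds' or '38 years' into seconds."""
    m = re.fullmatch(r"\s*(\d*\.?\d+)\s+([a-z]+?)s?\s*", text.lower())
    if not m or m.group(2) not in UNIT_SECONDS:
        raise ValueError(f"unrecognised duration: {text!r}")
    return float(m.group(1)) * UNIT_SECONDS[m.group(2)]

def implied_extra_bits(t40, t56):
    """Key bits separating the two columns: log2 of the time ratio."""
    return math.log2(to_seconds(t56) / to_seconds(t40))

def scale_time(seconds, from_bits, to_bits):
    """Exhaustive search time scales with the keyspace size, 2**bits."""
    return seconds * 2.0 ** (to_bits - from_bits)

def check_table(rows=ROWS, tolerance=0.25):
    """Report, per row, the implied bit gap and whether it is close to 16."""
    report = []
    for attacker, tool, t40, t56 in rows:
        bits = implied_extra_bits(t40, t56)
        report.append((attacker, tool, round(bits, 2), abs(bits - 16) <= tolerance))
    return report

if __name__ == "__main__":
    for attacker, tool, bits, ok in check_table():
        print(f"{attacker:22} {tool:5} implied gap {bits:5.2f} bits  consistent={ok}")
```

The small deviations from exactly 16 bits come from the rounding of the published figures.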

