[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
64-bit GAK && 128-bit hashes
The recent guidelines for proposed export regulations from NIST include
64-bit keys and several people here have commented that this implies NSA
ability to brute-force 64-bit keys now or in the near future ("belt and
suspenders"). How does this bode for 128-bit hash functions such as MD5? If
64-bit encryption algorithms can be brute-forced, could birthday attacks and
the like on 128-bit hashes be feasable as well? Perhaps the crypto community
should start serously considering moving away from MD5 and towards 160-bit
hashes such as SHA or even 256-bits...
andrew