[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Report available: "Minimal Key Lengths for Symmetric Ciphers"
> I downloaded this so-called "report". It doesn't even mentions PGP.
> Gotta wonder why the 007 wannabe "experts" and the Big Business (BSA)
> want you to only use 90 bits for your keys and why they've never heard
> of PGP...
>
> Anyone who listens to crypto advice from people who's purpose in life
> is to listen to *YOU* gets what they deserve. I'll stay with PGP which
> has a 2048 bit key.
The group of 7 in question are definitely not `wannabes'. They are
about as knowledgeable a group as you could find outside of the NSA.
The report discussed the length of key needed for *symmetric*
crytosystems. As this pertains to PGP, it uses a 128 bit session key
for the IDEA symmetric algorithm. Not 2048.
Their recommendation was for a *minimum* of 90 bit keys for data
that must remain private for any length of time. Given the calculations
they stated, this seems reasonable.
Richard Coleman
[email protected]