[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is 1024-bit PGP key enough?



At 10:16 PM 8/1/96 -0400, "Geoffrey C. Grabow" <[email protected]> wrote:
>Also, remember that although the PGP key is 1024 bits, it generates a much
>smaller IDEA key with 56 bits (I think... anyone?).  The 56 bit key is
>vunerable to that $1 mil mystery machine that the NSA may or may not have.

The PGP RSA keysize is user-selectable.
The IDEA key is not 56 bits (that's DES) - it's 128 bits,
and remember that you currently need to use brute force keysearch on it,
unlike RSA keys which have to be much longer because they 
have special forms and can be cracked by prime-number searching,
which is a much faster process that doesn't have to try
anything near to every 1024-bit number.

As somebody else pointed out, the 128-bit IDEA key is about as 
strong as a 3000-bit RSA key - though that was before the latest
factoring algorithm was demonstrated to work so well,
which means that it's probably about as strong as a 4-5000-bit RSA key.

> | That which does not kill us, makes us stranger.   - Trevor Goodchild |
:-)
#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 [email protected]
# <A HREF="http://idiom.com/~wcs"> 
#			Dispel Authority!