[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 40-bit RC5 crack meaningless??



At 09:37 AM 2/7/97 -0500, Vin McLellan wrote:
>	Now, an international institution which buys and bets the bank upon
>US-exportable (40-bit) cryptography probably deserves what it has bought:
> [...] even 56-bit keys -- whatever the algorithm! -- offer only "minimal"
security.
>(What Goldberg did in hours, many could do in a days or weeks with much
>less equipment.  

You don't bet the bank on 40-bit crypto, unless you're, ummm, accepting 
credit cards over wimp-configured sessions of SSL.  (You, as merchant,
may not lose if there's a forgery, and your customer's loss may be limited
to $50,
but the bank's loss isn't limited except by how fast they can block thieves.)

While banks get Extra Slack on crypto exports, and can use 56-bit DES,
they've got more serious adversaries - building a $1M machine to win a $1000
contest is a bit expensive for the average grad student, but it's a 
perfectly reasonable investment if you're planning to rob banks of
millions of dollars with it, especially if you think you can either
siphon the money off slowly while hitting a lot of banks or else
make a really big haul all at once.  

Banks aren't the only kind of company with big money floating around;
stockbrokers, commodities traders, purchasing departments of big companies
that might not notice that they're buying a few percent more parts,
and all sorts of other large companies are targets for crypto-cracking
thieves.
Because well-funded thieves can do this kind of financial damage,
we have a legitimate-sounding spin on "Federal law enforcement's job includes 
preventing large-scale theft, and they're letting their political agenda
get in the way of doing their job.  Sure, 56-bit keys are harder to crack
than 40,
but well-funded crackers could use the same techniques Ian did."

Either method of theft requires being non-stupid enough not to get caught
afterwards 
(like the $(24?)M computerized bank job last year), and having your
"partners" 
not rip you off; a big heist also risks detection by tracking chip
purchases, and
provoking the Feds into banning "ASIC Laundering" and criminalizing 
illegal possesion of field-programmable gate arrays and such paranoid
silliness.

..>> the same Strassmann 
Yeah, him :-)

>	(It was a usefully overheated hook for some article on compsec, but
>I don't think I ever used it.  Reminded me too much of warnings that
>someone was bound to someday taint the city water reservoir with LSD;-)
But we _were_ planning to enhance the water that way, back in the 60s! :-)




#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 [email protected]
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#     (If this is a mailing list, please Cc: me on replies.  Thanks.)