[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Why 64 bit keys?


>Date: Sat, 19 Aug 1995 15:13:35 -0400
>From: [email protected] (Lucky Green)
>Subject: Re: 64 bit keys breakable by the NSA or just some random key length?

>I think the obvious conclusion would be because 64bits is crackable
>if need be and if you have the resources the goverment has. Not for
>routine monitoring of undesirables, but for those special cases
>where they don't want to expose their activities by requesting a

I think it's much more important to the powers that be (and that
eavesdrop) that a key of up to 64 bits includes DES, which means
that lots of system designers will use DES instead of (say) 3DES,
IDEA, or Blowfish.  It's virtually certain that NSA and others have
built keysearch machines for DES.  This gives NSA, et. al., a way
around the key escrow scheme when they want it.  Better yet, NSA
can tell the FBI and BATF and such agencies where to find the
technical papers on how to build one, without releasing any
highly-classified information--those agencies can hire someone to
build them one.  This also keeps NSA from having to dirty its hands
with law-enforcement surveilance.

Of course, it will be interesting to see whether pressure is
applied to keep people from offering "nonstandard" ciphers,
especially things like Blowfish and SEAL, which have key scheduling
algorithms that need a lot of memory and time. It's really only
practical to build keysearch machines for very commonly used
ciphers, and even then, it may be complicated. (For example,
imagine a DES variant whose key schedule required several
exponentiations modulo some 1024-bit prime.)

>- -- Lucky Green <mailto:[email protected]>
>   PGP encrypted mail preferred.

   --John Kelsey, [email protected]
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36

Version: 2.6.2