[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Windows for Workgroups 3.11



Mike Markley wrote:

| I'll definitely agree that for something as binding as a signature that 
| I would want to have a very large key. For daily communication it seems 
| that fairly weak keys should be more than adequate as long as they 
| can't be broken in a reasonable amount of time. I'm  interested in what 
| most of the people on this list would consider a reasonable amount of 
| time though. It seems that the average person doesn't have adversaries 

	Depends on whats going to be protected.  Medical records,
trade secrets, stuff like that, you want to stay private for at least
150-200 years, until all the participants are dead.  Most stuff I
encrypt?  50-100 years would cover it, but I expect the cost of
decrypting will drop durring that time due to algorithmic
improvements.

	I prefer to waste a few seconds encrypting well, rather than
encrypting poorly.  My time is not so valuable that I gain much from
the seconds saved in a 384 bit key.

Adam

-- 
Adam Shostack 				       [email protected]

Politics.  From the greek "poly," meaning many, and ticks, a small,
annoying bloodsucker.