
64-bit GAK && 128-bit hashes



The recent guidelines for proposed export regulations from NIST include
64-bit keys and several people here have commented that this implies NSA
ability to brute-force 64-bit keys now or in the near future ("belt and
suspenders").  How does this bode for 128-bit hash functions such as MD5?  If
64-bit encryption algorithms can be brute-forced, could birthday attacks and
the like on 128-bit hashes be feasible as well?  Perhaps the crypto community
should start seriously considering moving away from MD5 and towards 160-bit
hashes such as SHA or even 256-bits...


andrew
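
Added example, not part of the original post: the birthday bound behind the question, measured on MD5 truncated to small sizes. A collision in an n-bit hash takes on the order of 2^(n/2) hash evaluations, so a 128-bit hash offers roughly the collision work factor of a 64-bit key search. The function names, the message prefix and the truncation sizes are assumptions chosen for illustration.

```python
import hashlib


def truncated_md5(msg: bytes, bits: int) -> int:
    """Top `bits` bits of MD5(msg) as an integer (stand-in for a short hash)."""
    digest = int.from_bytes(hashlib.md5(msg).digest(), "big")
    return digest >> (128 - bits)


def find_collision(bits: int, prefix: bytes = b"constructed-sample-"):
    """Birthday search: hash distinct messages until two share a truncated digest.

    Returns (attempts, msg_a, msg_b). The table of seen digests grows with the
    number of attempts, so this is only practical for small `bits`.
    """
    seen = {}
    attempts = 0
    while True:
        msg = prefix + str(attempts).encode()  # constructed, distinct inputs
        attempts += 1
        tag = truncated_md5(msg, bits)
        if tag in seen:
            return attempts, seen[tag], msg
        seen[tag] = msg


def report(sizes=(16, 24, 32)):
    """For each size: (bits, measured attempts, 2^(bits/2), 2^bits)."""
    rows = []
    for bits in sizes:
        attempts, _, _ = find_collision(bits)
        rows.append((bits, attempts, 2 ** (bits // 2), 2 ** bits))
    return rows


if __name__ == "__main__":
    for bits, attempts, birthday, exhaustive in report():
        print(f"{bits:3d}-bit hash: collision after {attempts} hashes "
              f"(2^(n/2) = {birthday}, 2^n = {exhaustive})")
    # Same scaling applied to the sizes in the post:
    for n in (128, 160, 256):
        print(f"{n}-bit hash: collision work on the order of 2^{n // 2}")
```

The measured attempt counts track 2^(n/2), not 2^n, which is why the move from 128-bit to 160-bit output raises the collision work from about 2^64 to about 2^80.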