[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A case for 2560 bit keys



At 11:09 PM 7/8/96 -0400, David F. Ogren wrote:

>And so we have to ask ourselves, why _not_ use a 2047+ bit key.  It has 
>greater longevity and greater security.  Why not be overcautious when 
>the cost is so small?

I don't think it's going to make a great deal of difference.  We've "all" 
shifted to 1024-bit keys, even though it's unlikely anybody will have the 
resources to crack them for decades if not centuries.  And the moment any 
government prosecutes anyone with information obtained by a decrypt of a 
1024-bit key, the (then) stragglers will join the rest of us at 1500 or 
2000+.  The government knows this and there's nothing it can do about it, 
except possibly for GAK and it isn't making much headway in that.

The most negative part of a long key is the false sense of security it may 
engender in the weak-minded:  All key sizes are equally insecure from a 
computer black-bag job or a specially-engineered virus.  If you're really 
interested in your future security, probably the best thing you can do is to 
convince Congress to write legislation to ban negotiations and/or treaties 
with other countries which in any way ban or restrict encryption, preventing 
Klinton from doing an end-run around the Bill of Rights with regard to the 
1st amendment.

Maybe it's just too much of a wish-list item, but a I'd like to see a legal 
prohibition on the government attempting to decrypt any information that it 
didn't (legally; with authorization) have the key to when it collected that 
information.

Jim Bell
[email protected]