Subject: [CISSPSTUDY] Encryption Key Strength
From: Theodor Bucher (theodor.bucher@PHARMA.NOVARTIS.COM)
Date: Thu Oct 19 2000 - 14:59:26 CDT


> Does anyone have any information on the relative strength of 128bit and
> 512bit encryption keys?

Taking the question literally, the difference is a factor of 2**(512-128)
= 2**384 for any given 'unbroken' published strong algorithm if exhaustive
key space searching is used as a measure (aka 'brute force attack'), but as
has already been pointed out by other contributors to this thread, this is
only one of many relevant considerations to make, and it is probably one
of the least important!

To the caveats already mentioned I would add that an important
consideration is protecting the encryption/decryption key file from being
stolen (copied), e.g. by a trojan horse program which e-mails it out to a
postbox in - say - Hong Kong, or anywhere else come to that. Such an
attack is likely to be easier and quicker than attempting to exploit
weaknesses in the implementation of the encryption algorithm (such as might
allow a 'timing attack'). And, given the relevant skills, the chance of
success is scarily high in many kinds of environments. There is even a
precedent in the form of a virus targeted at the PGP 'key ring' file, and
- although it is not widely known - the Loveletter virus did the same thing
with password files.

The keys are best protected by storing them in a dedicated tamper-resistant
hardware device such as a chipcard. If you don't lock down the execution
environment, key lengths in excess of 128 bits are probably not worth much.
And, as far as I am aware, only products which use up to 128 bits can be
marketed internationally without worrying about having to get special
export licenses.

An interesting source is: http://www.infosyssec.net/infosyssec/cry2.htm

Theo Bucher

My opinions may or may not be my own, but they do not represent my
employer.

---------------------- Forwarded by Theodore Bucher/PH/Novartis on
18.10.2000 09:56 ---------------------------

Please respond to CISSP Study Mailing List <CISSPSTUDY@SECURITYFOCUS.COM>

Sent by: CISSP Study Mailing List <CISSPSTUDY@SECURITYFOCUS.COM>

To: CISSPSTUDY@SECURITYFOCUS.COM
cc:
Subject: [CISSPSTUDY] Encryption Key Strength

Does anyone have any information on the relative strength of 128bit and
512bit encryption keys?

Any pointers or references on this would be greatly appreciated. I am
specifically looking for any best guesstimates for how long it would take
(in theory) to crack an encryption key of 128bits or 512bits.

v/r
Mark Grasse
grasse@syrres.com

             +--------------------------------------------+
             | You have received this email because you |
             | subscribed to the CISSPSTUDY mailing list. |
             | -- To unsubscribe, send an email to -- |
             | listserv@securityfocus.com |
             | with a message body of: |
             | UNSUBSCRIBE CISSPSTUDY |
             +--------------------------------------------+
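
Added example (not part of the original messages): the exhaustive-search comparison from the reply above, worked through to the time estimate the original question asks for. The function names and the search rate of 10**12 keys per second are assumptions made for illustration, and the figures cover brute-force key search only, the measure used in the reply.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600   # Julian year
ASSUMED_RATE = 10**12                   # keys tested per second (assumption, not a measurement)

def keyspace_ratio(short_bits, long_bits):
    """Exact factor by which the longer keyspace exceeds the shorter one."""
    if not 0 < short_bits <= long_bits:
        raise ValueError("expected 0 < short_bits <= long_bits")
    return 2 ** (long_bits - short_bits)

def log10_expected_years(key_bits, keys_per_second=ASSUMED_RATE):
    """log10 of the expected years for an exhaustive search.

    On average half the keyspace, 2**(key_bits - 1) keys, is tried before
    the right key turns up. Working in logarithms keeps the result finite
    for key lengths whose keyspace would overflow a float.
    """
    if key_bits < 1 or keys_per_second <= 0:
        raise ValueError("key_bits must be >= 1 and rate must be positive")
    log10_trials = (key_bits - 1) * math.log10(2)
    return log10_trials - math.log10(keys_per_second) - math.log10(SECONDS_PER_YEAR)

def describe(key_bits, keys_per_second=ASSUMED_RATE):
    """Human-readable estimate such as '128-bit key: about 5.4e+18 years'."""
    value = log10_expected_years(key_bits, keys_per_second)
    exponent = math.floor(value)
    mantissa = 10 ** (value - exponent)
    return f"{key_bits}-bit key: about {mantissa:.1f}e{exponent:+d} years"

if __name__ == "__main__":
    for bits in (128, 512):
        print(describe(bits))
    # The gap between the two estimates is the 2**384 factor from the reply.
    gap = log10_expected_years(512) - log10_expected_years(128)
    print(f"512-bit vs 128-bit: 2**384, roughly 10**{gap:.1f} times more work")
```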