OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NFR Wizards Archive: Re: R: strong encryption for Europeans

Re: R: strong encryption for Europeans

Andreas Siegert (afxibm.de)
Tue, 25 Nov 1997 08:50:12 +0100

If keys are changed often enough, I think 56 bits is still pretty much ok for
most uses. It depends very much on the lifetime of the data transfered versus
the time needed to crack the key. If the key is changed every 15 minutes (and
I assume a much stronger protection on the key exchange), then the attacker
not only has to deal with finding the key, but also with finding the window in
which the data he is interested in was transferred.

On the other hand, has anyone used the ssh VPNs yet?

cheers
afx

Quoting Franco RUGGIERI (fruggieriselfin.net):
> Recently (June and October this year), attacks have been successfully
> accomplished against DES and RC5 56 bit, by a huge number of computers
> coordinated via Internet. Since participation in such effort was voluntary,
> I wouldn't define such coordination as *strict*. Thus, we can assume that a
> well determined organization would break codes based on keys up to 56 bit
> in a reasonable amount of time. Therefore I wouldn't recommend VPNs based
> on such systems (RCx, DES and the likes with *short*keys), unless for what
> I would dub *minor areas* and for not long lasting applications.
> This, of course, IMHO. I would appreciate comments (not flames!) on this
> viewpoint of mine. 

-- 
Andreas Siegert       afxibm.de / afxbarolo.munich.de.ibm.com / AFX at IPNET
PGP Key:http://www.muc.de/~afx/pubkey.asc, KeyId AB26FD05

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:09:49 CDT