
Windows NT Magazine ran an article in their May 1996 issue titled "Secure Enterprise Email - How Safe is Your Mail System" that goes into matters of keeping company email private. PGP and other means of encryption are mentioned along with the following:

"If you can ensure secrecy either until no one cares about the information or so that cracking the code costs more than the information is worth, it's 'secure enough.'

"For example a 40-bit key takes about $10,000 worth of supercomputer time and two weeks to crack. Although this key may be adequate to protect my checking account, it's probably not large enough for the accounts of a major corporation.

"A slightly longer key of 56 bits requires millions of dollars to crack and should protect the information for years to come. A 56-bit encryption key has 2^56 - or 72 quadrillion - possible keys. With 1,000 computers, each trying 1,000,000 keys per second, trying them all would take 833 days. On average, you find the key halfway through your search."

I was curious as to what type of formula was used to determine these figures since it wasn't mentioned in the article. Obviously, the speed of the computers, method of cracking and other such factors would be important to know.

Could anyone shed some additional light on this for me? Thanks.

Bruce M. * brucem@feist.com
~---------------------------------------------------~
"Knowledge enormous makes a god of me." -- John Keats
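The arithmetic behind the quoted figures, as an added example that is not part of the original post or the magazine article: an exhaustive known-plaintext search over a constructed 16-bit key to measure a trial rate, then the keyspace formula applied to the article's 56-bit and 40-bit numbers. The function names are hypothetical, and SHA-256 stands in for a cipher trial as an assumption, so the measured rate is only illustrative.

```python
import hashlib
import time

def trial(key: int, plaintext: bytes) -> bytes:
    """One key trial. SHA-256 is a stand-in for a real cipher (assumption)."""
    return hashlib.sha256(key.to_bytes(8, "big") + plaintext).digest()[:8]

def exhaustive_search(bits: int, plaintext: bytes, target: bytes):
    """Known-plaintext search trying every key in order; returns (key, trials)."""
    for trials, key in enumerate(range(2 ** bits), start=1):
        if trial(key, plaintext) == target:
            return key, trials
    return None, 2 ** bits

def search_days(bits, machines, keys_per_sec, fraction=1.0):
    """Days to cover `fraction` of a 2**bits keyspace split evenly over machines."""
    return fraction * 2 ** bits / (machines * keys_per_sec) / 86400

def implied_rate(bits, days):
    """Aggregate keys/sec needed to exhaust a 2**bits keyspace in `days`."""
    return 2 ** bits / (days * 86400)

if __name__ == "__main__":
    pt = b"constructed known plaintext"   # constructed sample input
    secret = 0xBEEF                       # constructed 16-bit key
    start = time.perf_counter()
    key, trials = exhaustive_search(16, pt, trial(secret, pt))
    rate = trials / (time.perf_counter() - start)
    print(f"found {key:#06x} after {trials} trials, {rate:,.0f} keys/sec here")
    # The article's scenario: 1,000 computers at 1,000,000 keys/sec each.
    print(f"56-bit full search: {search_days(56, 1000, 1_000_000):.1f} days")
    print(f"56-bit average:     {search_days(56, 1000, 1_000_000, 0.5):.1f} days")
    # Same keyspace at the rate measured on this machine alone.
    print(f"56-bit at measured rate: {search_days(56, 1, rate):,.0f} days")
    # Rate implied by the article's "40-bit key in two weeks" figure.
    print(f"40-bit in 14 days needs {implied_rate(40, 14):,.0f} keys/sec")
```

The dollar figures in the article cannot be derived this way; they depend on hardware pricing the article does not state.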