At 10:19 PM 6/3/96 -0500, Declan McCullagh wrote:
(By Brock Meeks / brock@well.com / Archived at http://www.cyberwerks.com/)
CyberWire Dispatch // Copyright (c) 1996 //
A virtual tactical nuke was hurled into the arcane subculture of encryption technology Monday when RSA President Jim Bizdos revealed that his company's Japanese subsidiary had developed a monster chipset capable of scrambling voice and data real time with a so-called "key length" of up to 1024 bits.
I don't mean to be overly critical, but why not provide for the possibility of longer keys? The RSA key only has to be exchanged and decoded once per call, presumably, which suggests that there shouldn't be a problem to do 2048-bit keys. Admittedly, 1024 bits will be good for many years, but...
That key length stuff is just so much gibberish to those playing without a scorecard, so let me drill down on it for you. Basically, the longer the key length, the harder it is for a message to be broken by "brute force" automated attacks. Current U.S. laws prohibit the export of any encryption device with a key length longer than 40-bits, or roughly the equivalent of Captain Crunch decoder ring. For hardcore math types, I'm told that a 1024-bit key length is 10 to the 296th power more difficult to break than 40 bits.
I sure do wish they'd get things like this a bit more accurate... Oh, well, I suppose it doesn't really matter... Jim Bell jimbell@pacifier.com