-----BEGIN PGP SIGNED MESSAGE-----
Date: Sat, 19 Aug 1995 15:13:35 -0400 From: shamrock@netcom.com (Lucky Green) Subject: Re: 64 bit keys breakable by the NSA or just some random key length?
I think the obvious conclusion would be because 64bits is crackable if need be and if you have the resources the goverment has. Not for routine monitoring of undesirables, but for those special cases where they don't want to expose their activities by requesting a warrant.
I think it's much more important to the powers that be (and that eavesdrop) that a key of up to 64 bits includes DES, which means that lots of system designers will use DES instead of (say) 3DES, IDEA, or Blowfish. It's virtually certain that NSA and others have built keysearch machines for DES. This gives NSA, et. al., a way around the key escrow scheme when they want it. Better yet, NSA can tell the FBI and BATF and such agencies where to find the technical papers on how to build one, without releasing any highly-classified information--those agencies can hire someone to build them one. This also keeps NSA from having to dirty its hands with law-enforcement surveilance. Of course, it will be interesting to see whether pressure is applied to keep people from offering "nonstandard" ciphers, especially things like Blowfish and SEAL, which have key scheduling algorithms that need a lot of memory and time. It's really only practical to build keysearch machines for very commonly used ciphers, and even then, it may be complicated. (For example, imagine a DES variant whose key schedule required several exponentiations modulo some 1024-bit prime.)
- -- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred.
--John Kelsey, jmkelsey@delphi.com PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMDgfl0Hx57Ag8goBAQFa0gP/azECjB06onhSYTvLjkM2I7y2tOpC2BaB RACVMQn+Z5kVGaDM47eIM1TlRnIMlnEucuLryvqR3fMDCt6g90oDXe3rziWJedbH PxXYqgkPu1MmRfep+JWrtQ4wWsXxbPa10spTDFa8vKlGDcoohWU0W5ypgr454tlh KKPaC345vqQ= =td/F -----END PGP SIGNATURE-----