At 01:29 AM 1/7/97 -0500, Vin McLellan wrote:
A client asked me today about where he could find evidence of the relative strength of different encryption algorithms, when all are restricted to 40-bit keys. He assumed dot-Gov was going to restrict his export product to the 40-bit limit, but he wanted to provide the strongest security he could within that limitation.
A cypher with a long key setup schedule, such as Blowfish, would be more resistant to brute force attacks. (Blowfish requires 500+ encryptions to set up the key schedule. This should be similar to adding 9 bits to the key size.) While I think Blowfish is good in this respect, one must be careful to avoid systems, such as DES, which are subject to Peter Trei's "gray code" techniques. ------------------------------------------------------------------------- Bill Frantz | Client in California, POP3 | Periwinkle -- Consulting (408)356-8506 | in Pittsburgh, Packets in | 16345 Englewood Ave. frantz@netcom.com | Pakistan. - me | Los Gatos, CA 95032, USA