17 Dec
2003
11:17 p.m.
The recent guidelines for proposed export regulations from NIST include 64-bit keys and several people here have commented that this implies NSA ability to brute-force 64-bit keys now or in the near future ("belt and suspenders"). How does this bode for 128-bit hash functions such as MD5? If 64-bit encryption algorithms can be brute-forced, could birthday attacks and the like on 128-bit hashes be feasible as well? Perhaps the crypto community should start seriously considering moving away from MD5 and towards 160-bit hashes such as SHA or even 256-bits...

andrew
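The comparison raised in the message above can be measured at small scale. This is an added example, not part of the original post: a generic birthday search against MD5 truncated to n bits (the truncation, the function names and the counter-derived inputs are assumptions made for illustration), showing that a collision costs on the order of 2^(n/2) hash evaluations, which for a full 128-bit digest is roughly the 2^64 work of exhausting a 64-bit key space.

```python
import hashlib
import math


def truncated_md5(data: bytes, bits: int) -> int:
    """Return the top `bits` bits of MD5(data) as an integer."""
    digest = int.from_bytes(hashlib.md5(data).digest(), "big")
    return digest >> (128 - bits)


def birthday_collision(bits: int):
    """Hash constructed inputs until two of them share a truncated digest.

    Returns (first_message, second_message, evaluations). Memory grows with
    the number of evaluations, which is what makes the search a table lookup
    rather than a pairwise comparison.
    """
    seen = {}
    counter = 0
    while True:
        msg = b"constructed-input-%d" % counter  # constructed sample input
        counter += 1
        tag = truncated_md5(msg, bits)
        if tag in seen:
            return seen[tag], msg, counter
        seen[tag] = msg


def expected_birthday_work(bits: int) -> float:
    """Expected evaluations before the first collision: sqrt(pi/2 * 2^bits)."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


if __name__ == "__main__":
    for bits in (16, 20, 24, 28):
        a, b, used = birthday_collision(bits)
        print(f"{bits:3d}-bit digest: collision after {used:6d} hashes "
              f"(expected ~{expected_birthday_work(bits):8.0f}, "
              f"exhaustive 2^{bits} = {2 ** bits})")
    # Extrapolation of the same formula to the full digest sizes in the post.
    for bits in (128, 160, 256):
        work = math.log2(expected_birthday_work(bits))
        print(f"{bits}-bit digest: generic collision work ~2^{work:.1f}")
```

The search is generic: it uses no structural property of MD5, so the same scaling applies to any n-bit hash, and the 160-bit and 256-bit lines show the margin gained by a longer digest.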