* Reply to msg originally in Cypherpunks <INET> phiber@eff.org (Phiber Optik) writes: BK> Slow down. Firstly, DES encrypts a 64-bit block with a 56-bit key. BK> Are you talking about key lengths? Yes. BK> It was originally proposed to use a BK> 128-bit key space, alla IBM's LUCIFER. But they opted on the smaller BK> key, which fuels this NSA conspiracy theory. As was their reaction to Hellman's proposal for a 64-bit key and any other proposed out-of-house improvement at that time. BK> Saying that Hellman "broke" anything is a bit BK> strong. I remember reading a published paper, I believe by Hellman and BK> one other, describing that they were able to WEAKEN DES (with a smaller BK> key space for their experiment), using a statistical approach, and that BK> this could possibly be applied to the DES standard. I refer you to Warren on this. It was my understanding of the article that Hellman had actually decrypted DES cyphertext prepared with the then-proposed 54-bit key standard. BK> If you're not just some NSA-paranoid wacko, BK> reference some papers to back up your claims. Otherwise, you're just BK> another NSA-conspiracy theorist, and part of the noise. Please, there's no need for abuse here. I was referring to a published column by Jim Warren of the Electronic Frontiers Foundation in _MicroTimes_, a Bay Area computer paper. I do not know if you consider Warren or the EFF to be reputable. I assumed Warren's statements were factual. The assertion that Israeli intelligence made short work of DES was presented as I got it - an interesting rumor from someone who has been a fairly-reliable source of information in the past. BK> We're all BK> capable of suspecting underhandedness on the part of the NSA, but when BK> you start misrepresenting your opinions as fact, you're being BK> nonconstructive. I was merely relating published assertions by the EFF. If you believe these to be incorrect, then I'd advise you to take the issue up with Warren. I have no "opinion" in the matter, only suspicions. A great many people with academic background superior to mine also share these. My own background is in applied rather than theoretical security. I defer to academics in academic matters, but know that in matters of top security it is difficult to invest confidence in any mechanism as mired in continuing controversy as DES. That's all. JN ... "Oceania, 'tis for thee..." --- Blue Wave/Opus v2.12 [NR] -- John Nieder - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG