At 11:09 PM 7/8/96 -0400, David F. Ogren wrote:

And so we have to ask ourselves, why _not_ use a 2047+ bit key. It has greater longevity and greater security. Why not be overcautious when the cost is so small?

I don't think it's going to make a great deal of difference. We've "all" shifted to 1024-bit keys, even though it's unlikely anybody will have the resources to crack them for decades if not centuries. And the moment any government prosecutes anyone with information obtained by a decrypt of a 1024-bit key, the (then) stragglers will join the rest of us at 1500 or 2000+. The government knows this and there's nothing it can do about it, except possibly for GAK and it isn't making much headway in that. The most negative part of a long key is the false sense of security it may engender in the weak-minded: All key sizes are equally insecure from a computer black-bag job or a specially-engineered virus. If you're really interested in your future security, probably the best thing you can do is to convince Congress to write legislation to ban negotiations and/or treaties with other countries which in any way ban or restrict encryption, preventing Klinton from doing an end-run around the Bill of Rights with regard to the 1st amendment. Maybe it's just too much of a wish-list item, but a I'd like to see a legal prohibition on the government attempting to decrypt any information that it didn't (legally; with authorization) have the key to when it collected that information. Jim Bell jimbell@pacifier.com