At 10:16 PM 8/1/96 -0400, "Geoffrey C. Grabow" <gcg@pb.net> wrote:

Also, remember that although the PGP key is 1024 bits, it generates a much smaller IDEA key with 56 bits (I think... anyone?). The 56 bit key is vunerable to that $1 mil mystery machine that the NSA may or may not have.

The PGP RSA keysize is user-selectable. The IDEA key is not 56 bits (that's DES) - it's 128 bits, and remember that you currently need to use brute force keysearch on it, unlike RSA keys which have to be much longer because they have special forms and can be cracked by prime-number searching, which is a much faster process that doesn't have to try anything near to every 1024-bit number. As somebody else pointed out, the 128-bit IDEA key is about as strong as a 3000-bit RSA key - though that was before the latest factoring algorithm was demonstrated to work so well, which means that it's probably about as strong as a 4-5000-bit RSA key.

| That which does not kill us, makes us stranger. - Trevor Goodchild | :-) # Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # <A HREF="http://idiom.com/~wcs"> # Dispel Authority!