Report available: "Minimal Key Lengths for Symmetric Ciphers"
Richard J. Coleman
coleman at math.gatech.edu
Thu Feb 8 17:48:13 PST 1996
> I downloaded this so-called "report". It doesn't even mentions PGP.
> Gotta wonder why the 007 wannabe "experts" and the Big Business (BSA)
> want you to only use 90 bits for your keys and why they've never heard
> of PGP...
>
> Anyone who listens to crypto advice from people who's purpose in life
> is to listen to *YOU* gets what they deserve. I'll stay with PGP which
> has a 2048 bit key.
The group of 7 in question are definitely not `wannabes'. They are
about as knowledgeable a group as you could find outside of the NSA.
The report discussed the length of key needed for *symmetric*
crytosystems. As this pertains to PGP, it uses a 128 bit session key
for the IDEA symmetric algorithm. Not 2048.
Their recommendation was for a *minimum* of 90 bit keys for data
that must remain private for any length of time. Given the calculations
they stated, this seems reasonable.
Richard Coleman
coleman at math.gatech.edu
More information about the cypherpunks-legacy
mailing list