Cost of brute force decryption

Deranged Mutant WlkngOwl at unix.asb.com
Wed Jun 5 03:20:52 PDT 1996


On  4 Jun 96 at 10:58, Bruce M. wrote:

[..]
> 	"If you can ensure secrecy either until no one cares about the 
> information or so that cracking the code costs more than the information 
> is worth, it's 'secure enough.'
> 
> 	"For example a 40-bit key takes about $10,000 worth of supercomputer 
> time and two weeks to crack.  Although this key may be adequate to 
> protect my checking account, it's probably not large enough for the 
> accounts of a major corporation.
[..]

The figures look familiar.  No references around.  I'm not sure it would 
require a whole two weeks for 40-bits, though.  Possibly less than a 
day? (Or was that why you asked baout the figures?)

The "$10,000 worth of supercomputer time" is fuzzy.  One thing that's
left out is that once an organization already owns the equipment and 
has the money to spare, it may be worthwhile to crack things of less 
importance like personal checking info, email, etc.

Rob.


---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
        AB1F4831 1993/05/10 Deranged Mutant <wlkngowl at unix.asb.com>
Send a message with the subject "send pgp-key" for a copy of my key.






More information about the cypherpunks-legacy mailing list