CDR: Re: StoN, Diffie-Hellman, other junk..
Bill Stewart
bill.stewart at pobox.com
Sat Sep 9 01:44:18 PDT 2000
>>Any symmetric algorithm will have maxed out by 256 bits, and most by 128,
>>though you may want different keys for your two directions.
>>So generating the DH key with 1024 bits is probably enough,
>>though it doesn't hurt much to do 2048 or 4096 -
>>no need for separately generating a key and shipping it.
>>In particular, DH takes advantage of both machines' sources of randomness,
>>which is a major win over something generated by one end
>>unless you've got a good reason for it.
>
>Well, the information I have is that Blowfish takes up to 448 bits, RC2 up
>to 1024 bits, Mars up to 1248bits, RC5 and RC6 both up to 2048 bits of key
>material.. is that incorrect?
Not incorrect, but 2**256 possible keys gets you into
age-of-the-universe territory for cracking.
>This brings up another question. My document states that Cast256, IDEA(*),
>Mars, Misty1(*), RC5, and RC6 are all patented.. * = "Free for
>noncommercial use." Is there a good repository somewhere with information
>on all the licensing issues/rules of these algorithms?
I'm not aware of one. IDEA's "non-commercial" definitions have gotten
fuzzier over the years, and it's patented in lots of places.
Avoid Misty. Several of the AES candidates had policies of
"it's patented now but if we're the AES winner you can all use it for free",
which means you won't really know licensing issues until NIST picks a winner.
Thanks!
Bill
Bill Stewart, bill.stewart at pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
More information about the cypherpunks-legacy
mailing list