64-bit GAK && 128-bit hashes
Andrew Loewenstern
andrew_loewenstern at il.us.swissbank.com
Fri Sep 8 10:43:41 PDT 1995
The recent guidelines for proposed export regulations from NIST include
64-bit keys and several people here have commented that this implies NSA
ability to brute-force 64-bit keys now or in the near future ("belt and
suspenders"). How does this bode for 128-bit hash functions such as MD5? If
64-bit encryption algorithms can be brute-forced, could birthday attacks and
the like on 128-bit hashes be feasable as well? Perhaps the crypto community
should start serously considering moving away from MD5 and towards 160-bit
hashes such as SHA or even 256-bits...
andrew
More information about the Testlist
mailing list