From owner-freebsd-questions Mon Aug 14 7: 2:35 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail-in-02.piro.net (mail-out-01.piro.net [194.64.31.11]) by hub.freebsd.org (Postfix) with ESMTP id 6C72237B715 for ; Mon, 14 Aug 2000 07:02:29 -0700 (PDT) (envelope-from marc.vanwoerkom@science-factory.com) Received: from nil.science-factory.com (ScienceFactory-atm1-153.piro.net [195.135.137.205]) by mail-in-02.piro.net (8.9.3/8.9.3/PN-991208) with ESMTP id QAA00546; Mon, 14 Aug 2000 16:02:27 +0200 Received: by nil.science-factory.com (Postfix, from userid 501) id 5354D2002; Mon, 14 Aug 2000 16:00:41 +0200 (CEST) From: Marc van Woerkom To: ohartman@ipamzlx.physik.uni-mainz.de Cc: freebsd-questions@freebsd.org In-reply-to: (ohartman@ipamzlx.physik.uni-mainz.de) Subject: Re: MD5 or DES? References: Message-Id: <20000814140041.5354D2002@nil.science-factory.com> Date: Mon, 14 Aug 2000 16:00:41 +0200 (CEST) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Can anybody tell me what the reasons are to use DES instaed of MD5? Backward compatibility. And MD5 was probably choosen instead of Tripel DES with appropriate key length due to export restrictions. > encrypting related library used by other services? Isn't DES being compromised > by brute force mechanisms? How secure is it? You can brute force anything, if you have enough time and fast enough equipment :-) I would suggest this recent statement by Bruce Schneier on DES: http://www.counterpane.com/crypto-gram-0006.html#DES The algorithm is still considered safe, what has changed during the years is the key length necessary to keep ahead of the hardware. That key lenght obviously has to be more than 56 bits today. Regards, Marc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message