From owner-freebsd-hackers Wed Apr 16 08:59:07 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id IAA04502 for hackers-outgoing; Wed, 16 Apr 1997 08:59:07 -0700 (PDT) Received: from vital.bleeding.com (vital.bleeding.com [205.166.195.252]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA04497 for ; Wed, 16 Apr 1997 08:59:03 -0700 (PDT) Received: from crimson (crimson.bleeding.com [205.166.254.2]) by vital.bleeding.com (8.8.5/8.8.5) with SMTP id IAA22233; Wed, 16 Apr 1997 08:54:16 -0700 (PDT) Received: by crimson with Microsoft Mail id <01BC4A44.91B7BAA0@crimson>; Wed, 16 Apr 1997 09:00:02 -0700 Message-ID: <01BC4A44.91B7BAA0@crimson> From: Justin Wolf To: "'drew@sml.co.jp'" , "'cmcurtin@research.megasoft.com'" , Golan Klinger , "rsacrack@vex.net" , "hackers@freebsd.org" , "deschall@gatekeeper.megasoft.com" Subject: RE: First place. Date: Wed, 16 Apr 1997 08:05:50 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by freefall.freebsd.org id IAA04498 Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Key size, key size... 56-bits has to do with the key size. DES can easily go to 112-bit triple which would be impossible to crack in any reasonable amount of time, even for the government. At such time where 112-bit triple DES became crackable, people would start using something else anyway, like 224-bit quadruple DES or 1024-bit layered RSA or whatever. There's nothing inherently wrong with DES, just the key size which is currently being allowed for export. As far as symmetric algorithms go, it's pretty good. And if you want to make it more difficult to crack use non-standard techniques within the algorithm (sure it's non-standard and there's a chance you'll break it, but someone would have to figure out that you changed the algorithm first). Remember, chose an encryption technique that will protect the data as long as the data needs to be protected. How many times do you think a secret that needs to be protected for eternity is sent over the internet or allowed outside of the two people (or person) involved? It doesn't get emailed, it gets hand couriered. I could go on but, it doesn't really matter anyway. People have opinions which blind them into incoherency. -Justin -----Original Message----- From: drew@sml.co.jp [SMTP:drew@sml.co.jp] Sent: Wednesday, April 16, 1997 12:42 AM To: Justin Wolf; 'cmcurtin@research.megasoft.com'; Golan Klinger; rsacrack@vex.net; hackers@freebsd.org; deschall@gatekeeper.megasoft.com Subject: RE: First place. >You actually think that DES is too weak when it takes all the >hackers in the known unix world to stage an attempt which has >been so far unsuccessful? Hmm... different point of view I guess. You actually think that the US government doesn't have at least ten times the computing power of everyone in this effort put together? Hell, they've probably got that much computing power just in people's desktop workstations. The fact is, 56-bit keys are useless when up against the US Government.