In my encryption summary I use some figures from RSA Data Security which
indicate the difficulty of breaking encryption keys:
>40 bit key (maximum allowed for export from U.S.)
> * 1 486 PC would take three (3) years.
> * 1,300 486 PCs in parallel would take one (1) day.
>
>64 bit key (typical for domestic implementations)
> * 1 486 PC would take sixty million (60,000,000) years
> * 20 billion 486 PCs in parallel would take one (1) day
A couple of folks have disputed these numbers (which I must stress are from RSA
Data Security--I didn't make them up :-).
From: "P. Rajaram" <rajaram@ctt.bellcore.com>
>> 40 bit key (maximum allowed for export from U.S.)
>> * 1 486 PC would take three (3) years.
>> * 1,300 486 PCs in parallel would take one (1) day.
>
>This is way, way off and wrong.
>A SPARCstation 2 can try all combinations of a 40 bit RC4 key in about
>1 hour. (I've tried this.) One PC 486 would probably take less than 3
>hours.
I can't argue with empirical evidence--yet these numbers are obviously at
extreme odds with RSA claims. What gives?
>From: smb@research.att.com
>DES uses 56-bit keys, not 64. At Crypto '93, Michael Wiener of BNR
>presented a detailed (i.e. gate-level) design for a $1,000,000 engine
>that would do a brute-force attack on DES in 7 hours.
>
>And, as I hinted above, there may be attacks better than brute force.
>I certainly think so.
Unfortunately, the clipping I have from RSA Data Security does not indicate
which encryption scheme these numbers supposedly apply to. Are there some
better numbers that I can include in my summary?
BY THE WAY, a little update to the encryption summary is that the LANGuardian
platform supports triple DES encryption at T1 line speeds. According to smb,
this defeats the DES cracking engine he described above.
Andy