Recently (June and October this year), attacks have been successfully
accomplished against DES and RC5 65 bit, by a huge number of computers
coordinated via Internet. Since participation in such effort was voluntary,
I wouldn't define such coordination as *strict*. Thus, we can assume that a
well determined organization would break codes based on keys up to 56 bit
in a reasonable amount of time. Therefore I wouldn't recommend VPNs based
on such systems (RCx, DES and the likes with *short*keys), unless for what
I would dub *minor areas* and for not long lasting applications.
This, of course, IMHO. I would appreciate comments (not flames!) on this
viewpoint of mine.
> Da: Martin W Freiss <freiss .
> A: kate @
> Cc: firewalls @
COM; firewall-wizards @
> Oggetto: Re: strong encryption for Europeans
> Data: martedì 28 ottobre 1997 16.42
> > I would like to know which options are available to Europeans with
> > to strong encryption VPNs. It appears that most of well known firewall
> > vendors are US companies and their VPNs are subjects to US law export
> > restrictions.
> well, there are European firewall solutions, though they seem to be less
> well known. Check http://www.swn.sni.be for one solution that does
> not suffer from US export restrictions. Choice of RC4 and IDEA for VPN,
> to 128 bits. (Disclaimer: I work for that company, which makes me
> biased, so I will not compare this to other products here).
> > Another question: how strong is Check Point's FWZ1 ? What is its key
> > length ? Are there any estimates as to how breakable it is ? Our local
> > reseller could not enlighten me in the matter.
> 48 Bits for the encryption, if I remember correctly. Not knowing
> anything more about FWZ1, I won't hazard a guess as to the breakability
> Best regards,
> Martin Freiss, MF194 | freiss .
de | http://www.rmi.de/~marvin
> Siemens Nixdorf, CC IT Networks, Solution Team Internet/Intranet
> Half male, half e-mail.