Firewalls: R: strong encryption for Europeans

Firewalls
(November 1997)

Indexed By Thread: [Previous] [Next]

Subject:	R: strong encryption for Europeans
From:	"Franco RUGGIERI" <fruggieri @ selfin . net>
Date:	Mon, 24 Nov 1997 21:09:55 +0100
To:	"Martin W Freiss" <freiss . pad @ sni . de>, <kate @ forsys . msk . ru>
Cc:	<firewalls @ GreatCircle . COM>, <firewall-wizards @ nfr . net>

Recently (June and October this year), attacks have been successfully
accomplished against DES and RC5 65 bit, by a huge number of computers
coordinated via Internet. Since participation in such effort was voluntary,
I wouldn't define such coordination as *strict*. Thus, we can assume that a
well determined organization would break codes based on keys up to 56 bit
in a reasonable amount of time. Therefore I wouldn't recommend VPNs based
on such systems (RCx, DES and the likes with *short*keys), unless for what
I would dub *minor areas* and for not long lasting applications.
This, of course, IMHO. I would appreciate comments (not flames!) on this
viewpoint of mine.
-------------------------------
Franco RUGGIERI
fruggieri @
 selfin .
 net

----------
> Da: Martin W Freiss <freiss .
 pad @
 sni .
 de>
> A: kate @
 forsys .
 msk .
 ru
> Cc: firewalls @
 GreatCircle .
 COM; firewall-wizards @
 nfr .
 net
> Oggetto: Re: strong encryption for Europeans
> Data: martedì 28 ottobre 1997 16.42
> 
> Hi,
> 
> > I would like to know which options are available to Europeans with
regard
> > to strong encryption VPNs. It appears that most of well known firewall
> > vendors are US companies and their VPNs are subjects to US law export 
> > restrictions.
> 
> well, there are European firewall solutions, though they seem to be less
> well known. Check http://www.swn.sni.be for one solution that does
> not suffer from US export restrictions. Choice of RC4 and IDEA for VPN,
up
> to 128 bits. (Disclaimer: I work for that company, which makes me
> biased, so I will not compare this to other products here).
> 
> > Another question: how strong is Check Point's FWZ1 ? What is its key 
> > length ? Are there any estimates as to how breakable it is ? Our local
FW-1 
> > reseller could not enlighten me in the matter. 
> 
> 48 Bits for the encryption, if I remember correctly. Not knowing
> anything more about FWZ1, I won't hazard a guess as to the breakability
:)
> 
> Best regards,
> 
> -Martin
> 
> --
>  Martin Freiss, MF194   | freiss .
 pad @
 sni .
 de | http://www.rmi.de/~marvin
>  Siemens Nixdorf, CC IT Networks, Solution Team Internet/Intranet
> Half male, half e-mail.

Follow-Ups:

Re: R: strong encryption for Europeans
From: Ted Doty <ted @ iss . net>
Re: R: strong encryption for Europeans
From: Arjo Mukherjee <mukherjee @ ebo . dec . com>
Re: R: strong encryption for Europeans
From: Ming Lu <mlu @ hq . si . net>

Indexed By Date	Previous:	Re: Cisco PIX Firewall -- comments? From: Woody Weaver <woody @ wiltelnsi . com>
Indexed By Date	Next:	Security From: minicht @ nytimes . com
Indexed By Thread	Previous:	Re: ftp and Cisco PIX From: "Lionel MARIE" <Lionel . MARIE @ imaginet . fr>
Indexed By Thread	Next:	Re: R: strong encryption for Europeans From: Ming Lu <mlu @ hq . si . net>