Great Circle Associates Firewalls
(November 1997) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: R: strong encryption for Europeans
From: Bennett Todd <bet @ rahul . net>
Date: Tue, 25 Nov 1997 06:13:27 -0800
To: Arjo Mukherjee <mukherjee @ ebo . dec . com>
Cc: Franco RUGGIERI <fruggieri @ selfin . net>, Martin W Freiss <freiss . pad @ sni . de>, kate @ forsys . msk . ru, firewalls @ GreatCircle . COM, firewall-wizards @ nfr . net
In-reply-to: <347AB684 . 18F4 @ ebo . dec . com>; from Arjo Mukherjee on Tue, Nov 25, 1997 at 12:29:08PM +0100
References: <199711250301 . EAA13940 @ pinux> <347AB684 . 18F4 @ ebo . dec . com> 
1997-11-25-11:29:08 Arjo Mukherjee:
> Even though the VPNs are using shorter length keys than some may
> consider SECURE (eg 40 instead of 128), some of the products are
> actually exchanging modified keys rather frequently (say in the
> ballpark of tens of minutes). Hence, it may not be that easy to break.
> In other words, the keys are not kept constant, thus it makes it a bit
> harder to crack.

That certainly buys you a little extra protection against a successful
and sustained session hijack, but it does nothing useful for protecting
the secrecy of a logged session; since breaking 40-bit keys takes only
hours, the hypothetical intruder can discover what you sent and received
reasonably quickly. And it it takes hours today it'll take minutes Real
Soon Now (tm).

-Bennett
References:
Indexed By Date Previous: Re: milkyway
From: Alan Hill <hilla @ fonorola . com>
Next: RE: DMZ + MSPROXY - Explained
From: "Stackpole, Bill" <BSTACKPO @ sla . com>
Indexed By Thread Previous: Re: R: strong encryption for Europeans
From: Arjo Mukherjee <mukherjee @ ebo . dec . com>
Next: Re: R: strong encryption for Europeans
From: Ted Doty <ted @ iss . net>
Google
 
Search Internet Search www.greatcircle.com