FW: [rc5] 56 bits seem to be enough
dchrist at home.com
Wed Jun 4 17:58:13 EDT 1997
I have a tendency to agree with you that 56 bits seems pretty good today.
My Pentium Pro 233 system can check about 385 Kkeys/sec.
The current rate is about 390,731 Kkeys/sec.
Thus, the current rate could be maintained by using 1014 Pentium Pro
(390,731/385), at a cost of about $1.5 million (1014 * $1500).
And even this setup still wouldn't find the key for a single message for
5.5 years (worst case, 2.75 years average case). This would make it pretty
expensive for most users, but this budget is easily within range of most
I remember reading somewhere that the US government had contracted with
to build some type of computer using a very large array (2000?) of Pentium
CPU's, so this type of setup is not infeasible.
Of course, you shouldn't forget Grove's law. CPU's will double in power
18 months. A task that will take 5.5 years today may only take 2.75 years
the next generation of CPUs. If Grove's law holds, 6 years from now the
1014 systems could crack the code in 4 months.
Therefore, if we want to adopt some sort of standard encryption method to
global, secure commerce, we should select one that will be secure for more
just a few years.
email: dchrist at home.com
PGP Key ID: 0x3C5C9E65
From: Dave Ashley [SMTP:dash at netcom.com]
Sent: Wednesday, June 04, 1997 9:04 AM
To: rc5 at llamas.net
Subject: [rc5] 56 bits seem to be enough
It would seem the stats are holding at around 5.5 years to complete the 56
bit RSA crack. The whole point of the exercise was to prove to the
government that 56 bit keys are not sufficient, and given the huge amount
of distributed computing power already involved I'm of the opinion that
instead you've managed to prove the opposite.
At any rate, what does it matter? People can still use RSA with 64 bit keys
What I wonder is if there is a better method of finding the key than
exhaustive search-and that the government knows of this method and is
keeping it secret. If they can do that what hope do we have, other than to
create custom encryption methods for each task?
dash at netcom.com
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5'
in the body.
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.
More information about the rc5