[RC5] After what time period does information loss its sensitivity?

Eric Folley efolley at moon.jic.com
Wed Jun 2 22:25:50 EDT 1999


At 2:20 AM +0100 6/2/99, Alan Bell wrote:

>I believe
>that even if the project takes 10 years to complete it still proves that
>rc5-64 encryption is not strong enough to project extremely sensitive data
>e.g government files. If anyone else looked at the FBI file releases you
>will have noticed that they still do not tell us very much, if not anything
>at all about cases that are some 20 years old. Probably because the sensored
>bits are still considered confidential.

The same concerns also apply to corporate data, and depending on who you
are, to your personal data as well. The fact that a single message
encrypted with a 64-bit key might not be crackable in a relatively short
period of time *now* is irrelevant if you need that message secured for the
long haul. If your data will still be sensitive in 20 years, you have to
think about what kind of computing power will be available then. And there
are other things you might also want to consider, like breakthroughs in the
factoring of large numbers.

So think of it this way: in 1979, your data encrypted with 64 bits was
probably secure from anyone except, maybe, the NSA. In 2019, I'm willing to
bet that the kid next door along with his school friends would stand a fair
chance of breaking your 64-bit encyption in no time.

There is also a consideration that needs to be made regarding scale. If you
are an individual and have relatively few encrypted files, it's no problem
to always use the latest and greatest to re-encrypt them at your
convenience to stay ahead of the cracking curve. If you are a large
organization, with perhaps tens or hundreds of thousands of encrypted
files, and installed software that relies on that cryptosystem for
workflow, it's not so easy to switch systems. And if you are an
organization that relies upon a particular cryptosystem that is shared by
vendors and customers for transactions, then you are basically stuck --
nobody moves until everybody moves.

Later...

--
Eric Folley
Alexandria, VA  USA
efolley at moon.jic.com
http://208.135.208.15/home/


--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list