[RC5] 40 bit encryption, and what about implementation

Gerhard Strangar gerhard at brue.net
Sat Mar 16 16:04:43 EST 2002


Jeroen wrote:

> If i visit a website with 40 bit encryption, how do i know the site's key and how does the site mine?

There's only one key in symmetric encryption and one party has to
transmit it to the other one.

> If there is a man in the middle attack, the key can be 2^40 bit long :-) but still insecure.

The transmission of the key is encrypted (asymmetrically). But
asymmetric encryption is *very* slow, that's why only the key for
symmetric encryption is encrypted this way.

-- 
Fido: 2:2480/8049.2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 1305 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.distributed.net/pipermail/rc5/attachments/20020316/14151256/smime-0001.bin


More information about the rc5 mailing list