[3051] in cryptography@c2.net mail archive
Re: DES Applicability Statement for Historic Status
daemon@ATHENA.MIT.EDU (Enzo Michelangeli)
Thu Jul 23 09:56:55 1998
From: "Enzo Michelangeli" <em@who.net>
To: <cryptography@c2.net>
Date: Thu, 23 Jul 1998 19:27:54 +0800
-----Original Message-----
From: Arnold G. Reinhold <reinhold@world.std.com>
Date: Thursday, July 23, 1998 12:50 PM
[...]
>2. You need to defend the 80 bit minimum for short lived Internet data,
>perhaps referencing the crypto experts' report on key length. I think you
>are on shakier ground here than in the rest of the document. Some might
>think 64 bit or 72 bit keys are adequate for short term data if keys are
>changed frequently. I expect 80 bit keys to be good for a couple of
decades.
What's the point of using a 72 or 80 bit key? Speed is largely influenced by
the design of the algorithm, so there is little point in using less than (at
least) 128 bit. Unless, of course, one wants to play the game of the
"export-grade" encryption.
Also the "short term" expression should be qualified better: a SWIFT message
transferring $50M has a very short lifecycle, but quite obviously should be
well protected.
Enzo
