Bugtraq mailing list archives

Re: Non-PK encryption not vulnerable via low key length?!

From: perry () imsi com (Perry E. Metzger)
Date: Sat, 18 Mar 1995 12:07:06 -0500


"John B. Brown" says:

This is the crux of the matter. RC2 and RC4 are _not_ public key systems. 
They are conventional secret key algorithms, in the same class as DES or 
IDEA.


      If they are in the same class as DES, then they are in
BIG trouble! The $1M machine proposed by Michael J. Weiner in
`Efficient DES Key Search' does in DES in 3.5 hours. according
to the 'math'.


Saying that they are conventional cryptosystems like DES does not
imply that a the Weiner & Oorschot machine could be used against
them. In particuler, specialty DES hardware is useless against other
systems, but even more importantly, key length is (potentially) much
longer for RC2 and RC4, and every bit added to the key doubles the
time for a brute force attack.

.pm

Current thread:

Re: Non-PK encryption not vulnerable via low key length?!, (continued)
- - - Re: Non-PK encryption not vulnerable via low key length?! sameer (Mar 25)
    - Re: Non-PK encryption not vulnerable via low key length?! Software Test Account (Mar 25)
- Re: Non-PK encryption not vulnerable via low key length?! Jake Hill (Mar 17)
- Re: Non-PK encryption not vulnerable via low key length?! John B. Brown (Mar 17)
  - GNU finger 1.37 executes ~/.fingerrc with gid root Thomas Roessler (Mar 17)
    - Re: GNU finger 1.37 executes ~/.fingerrc with gid root Christian Wettergren (Mar 20)
    - cancel subscription Saeid Sadeghi (Mar 20)
  - Re: Non-PK encryption not vulnerable via low key length?! Julian Assange (Mar 17)
  - nfsbug leaving file systems mounted Dr. Frederick B. Cohen (Mar 18)
- Re: Non-PK encryption not vulnerable via low key length?! John B. Brown (Mar 17)
  - Re: Non-PK encryption not vulnerable via low key length?! Perry E. Metzger (Mar 18)