[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPv6 Security Last Call Initial Questions
On Mar 29, 3:41pm, Theodore Ts'o wrote:
> IP issues aside, what's the strength of CDMF?
Yes, I must admit that it's not one I have ever seen a description of.
Is anyone in a position to post or direct us to an algorithm description?
> My understanding of 40
> bit RC4 is that it doesn't give away anything about the NSA's ability to
> crack cyphers. 40-bit RC4 is reportedly quiet easy for anyone to
Presuming that what was posted to the net recently was actually RC4 (which
on the weight of evidence so far seems likely), I have not seen any reasonable
cryptanalytic attacks on the cipher if it is used properly. RSA is
supposed to possess a whole bunch of studies of it, but they are not making
them public at this stage, as far as I know.
As for the time required to break a 40 bit key, I'd suggest that someone
actually try it. The key schedule needs 256 iterations of a data-dependent
loop, and optimizations which would reduce that time are certainly NOT
obvious. I'd say that RSA's own estimate of 200 MIP/years to crack the
cipher is fairly accurate. Sure, it's doable. But it's not a kid-with-a-PC-
in-a-week proposition. It's barely an engineer-with-a-large-MP-system-in-
a-work proposition, in fact.