[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv6 Security Last Call Initial Questions

bound@zk3.dec.com says:
> >Just to repeat -- any exportable algorithm is too weak to provide any
> >security. This is the case with all these 40 bit key algorithms. You
> >can break them over the weekend in your lab.
> I have heard this but not from what "I" consider the experts (e.g.
> Bellovin, Karn, Kent, Kaufmann, Eastlake, S. Crocker, Nessett, Tardo,
> Linn, and others).  


I believe J.I. is monitoring this mailing list, so I'll let him speak
for himself, but he figured out for me last year when he was playing
with RC4 that 40 bit RC4 could be broken with the resources he had
available at the CS department at Columbia in a few days. If you like,
I'll try to make sure that he posts figures.

I'll point out that I consider anything that can be broken for under
$1,000,000 to be completely unacceptable given my interests in the
banking community, and DES already is dangerously weak in that regard
-- I'd almost prefer standardizing on 3DES. 40 bits by my measure is a
complete joke.