Interview

Expert deconstructs the cracking of 64-bit key

Edward Hurley, News Writer
Is a 128-bit key safe enough? Should encryption users consider even bigger keys?
A 128-bit key should be safe until and unless quantum computers become viable. And then 256-bit keys should be fine. However, there's no reason to go past that. While many algorithms support longer keys, they aren't tested very well with them and may actually be weaker with longer keys. Security people are conservative, and it's always a good idea to stick to things that are well-tested. I consider it the mark of a duffer to use Blowfish in 448-bit mode (its maximum) or some other algorithm in 512-bit mode. While it was fashionable a decade ago to make algorithms with these huge variable sizes, they haven't been tested at all.
FOR MORE INFORMATION:

    Requires Free Membership to View

SearchSecurity.com news exclusive: "Beware of PGP con job"

Best Web Links on encryption


Feedback on this story? Send your comments to News Writer Edward Hurley
How long did it take them to find the right combination?
They took 1,757 days. That's four years and almost 10 months. A total of 331,252 people tested a total of 15,769,938,165,961,326,592 keys. They ran through about 85% of the total key space, which means they were about as unlucky as my wife was.

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: