DES export regulations. And what to do about it!

Heiko Blume src at scuzzy.in-berlin.de
Fri Jan 4 13:26:37 AEST 1991


bhoughto at pima.intel.com (Blair P. Houghton) writes:
>Ob. internals:
>Yes, RSA is more nasty than DES, but DES is still virtually
>infallible.

since it has not been proven, that there isn't a much faster
algorithm than the published one, it's quite possible that
the NSA has added some bogus stuff to the algorithm. that way
they can break crypted data easily while the others have a
hard time with the slower algorithm. also, why do you think
did they shorten the key from 128 to 56 bits in the first place?

  How much "harder" is it to crack an RSA'ed password than
>a DES'ed one?

potentially very much, since you can make your keys (passwords) longer
when the crackers' machines speed catches up. how about a key with
1000 *digits* compared to 56 *bits* ?!

besides, DES still has the problem of how to securely exchange the password
and the authentification lack.
-- 
      Heiko Blume <-+-> src at scuzzy.in-berlin.de <-+-> (+49 30) 691 88 93
                    public source archive [HST V.42bis]:
        scuzzy Any ACU,f 38400 6919520 gin:--gin: nuucp sword: nuucp
                     uucp scuzzy!/src/README /your/home



More information about the Comp.unix.internals mailing list