> Are you asserting that there exists a group that can brute-force a 64-bit key 
> in a few seconds?

First, thanks for the correction on the RC5-64 project.

Short answer: no, I am not asserting a group exists that can brute-force a 
64-bit key in a few seconds.  I am asserting that it's plausible such a group 
might exist, and if so it is probably a First World intelligence agency.

The EFF's DES cracker ("Deep Crack"), built in 1998 using now 13-year-old 
technology, exhausts a 56-bit keyspace in nine days at a cost of $250,000.  A 
64-bit keyspace is only a factor of 250 harder, and brute-forcing is 
parallelizable.  Set up 250 Deep Crack-style machines in parallel and you're 
out $60 million, plus building space and personnel... call it $100 million 
total.  Scale this machine up to $1 billion and you're looking at some pretty 
quick keyspace exhaustion.  

Megacorporations will probably not be willing to drop that kind of coin on 
dedicated key crackers, but if bin Laden's current GPS coordinates were 
protected by RC5/64 you'd see Fort Meade's chip fab line working 
round-the-clock shifts.


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
