Nelson Bolyard wrote:
I point this out only to show that no single table is "gospel" truth.
Right. The only gospel truth is ... who is crunching what
algorithm today? All of the secret key algorithms are (by
gospel) secure, because nobody's crunching them. Roughly
speaking.
Things recently changed *academically* for some digests,
but not practically. Again, academically, algorithms like
DES and RC4 have been shown to have problems. In the
software world there is plenty of academic incentive to
move to AES.
But, this just provides goal posts, or benchmarks. For
the average user - Mozilla's marketplace - any shipped
algorithm is still pretty darn good.
Users facing special threats should take special precautions.
For the rest of us, any bit-length in common usage is better
than nothing.
...
That's why I wrote that the new limit on DH field sizes would be NO MORE
than (implying, possibly (much) less than) 2236 bits.
Anything around 1024 seems to be fine, IMHO. Anything
more would be a bonus.
iang
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
