Fun_People Archive
26 Jul
The Seven Cryptographers answer a shadowy opponent
Content-Type: text/plain
Mime-Version: 1.0 (NeXT Mail 3.3 v118.2)
From: Peter Langston <psl>
Date: Fri, 26 Jul 96 22:05:26 -0700
To: Fun_People
Subject: The Seven Cryptographers answer a shadowy opponent
Excerpted-from: TBTF for 7/21/96: Internesia
by: dawson@world.std.com (Keith Dawson)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
To read this issue of TBTF on the Web see
<http://www.atria.com/~dawson/tbtf/archive/07-21-96.html>
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
||| The Seven Cryptographers answer a shadowy opponent |||
The Three Tenors are much in the news this week as they begin another con-
cert tour. They've got nothing on the Seven Cryptographers. Last January
the seven issued a report [1] analyzing the cryptographic strength, ex-
pressed as key length in bits, necessary to protect data in the face of
a brute-force computational attack. The report came out of a meeting in
November 1995 of the seven -- Matt Blaze, Whitfield Diffie, Ron Rivest,
Bruce Schneier, Tsutoma Shimomura, Eric Thompson, and Michael Wiener --
sponsored by the Business Software Alliance. Their paper characterizes a
range of potential opponents, from the garden-variety hacker up to the
national intelligence agency assumed willing to spend tens or hundreds of
millions of dollars on key recovery. The conclusions are that (1) the
40-bit encryption approved for export from the U.S. offers virtually no
protection today; (2) the most serious threats now suggest a minimum key
length of 75 bits; and (3) those designing systems to protect data for
the next 20 years should use keys at least 90 bits long. Actual designs
would use keys two or three times as long as these conservative guide-
lines.
Recently a four-page document intended to cast doubt on these conclusions
has been circulated to members of Congress. The document is not signed
and carries no indication of its origin. Matt Blaze and Whitfield Diffie
were told the document originated in the National Security Agency. On June
18 Blaze and Diffie posted a note [2] to the Cypherpunks mailing list to
shine light on the anonymous rebuttal document and to rebut it in turn.
If the document was indeed authored within the NSA it doesn't display the
agency's vaunted cryptographic expertise; its arguments are easily
demolished. And why did it take six months to write?
I was alerted to this exchange by Jon Callas <jon@worldbenders.com> and Dan
Kohn <dan@teledesic.com>.
[1] <http://www.bsa.org/policy/encryption/cryptographers.html>
[2] <http://www.atria.com/~dawson/tbtf/key-length.html>
© 1996 Peter Langston