home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: sci.crypt
- Path: sparky!uunet!gatech!usenet.ins.cwru.edu!magnus.acs.ohio-state.edu!cis.ohio-state.edu!pacific.mps.ohio-state.edu!linac!uchinews!machine!chinet!schneier
- From: schneier@chinet.chi.il.us (Bruce Schneier)
- Subject: Re: Real question re DES vs IDEA cipher
- Message-ID: <BzsH0G.9yz@chinet.chi.il.us>
- Organization: Chinet - Public Access UNIX
- References: <1hcp41INNdi4@rave.larc.nasa.gov>
- Date: Fri, 25 Dec 1992 00:21:52 GMT
- Lines: 28
-
- In article <1hcp41INNdi4@rave.larc.nasa.gov> palmer@icat.larc.nasa.gov (Michael T. Palmer) writes:
- >What size key does IDEA use? Is the length sufficient to stand up against
- >brute force attacks? I mean, if you can brute force it then why bother
- >encrypting the session key with RSA (as in PGP and RIPEM)? Nobody has to
- >worry about the public key stuff, they can just go right after the plain
- >text.
- >
- >Since I've seen here that IDEA might end up in an update of RIPEM, I was
- >just wondering if it offered more security than DES (in CBC mode). Please,
- >forgo the legal asides concerning the algorithms and respective export or
- >patent laws. I'm just interested in what key sizes the different ciphers
- >use.
-
- IDEA uses a 128-bit key, compared to DES's 56-bit key. There isn't time
- left before the heat death of the universe to mount a brute-force attack
- against IDEA.
-
- Now, for the caveat. IDEA is still a new algorithm. It is possible that
- there is an attack against the algorithm that is significantly better than
- brute force. Several academic institutions, and the militaries of several
- countries, are examining the algorithm. So far no one has found anything,
- or at least no one has publicly admitted to finding anything. IDEA looks
- real good, but it's too soon to make any confident statements.
-
- I am more confident with triple-DES (112-bit key), but that takes a whole
- lot longer than IDEA.
-
- Bruce
-
