Slashdot Mirror

← Back to Stories (view on slashdot.org)

New report reveals vulnerability in security

Posted by CowboyNeal on Thursday January 14, 1999 @08:51PM from the feel-safe?-not-anymore dept.

jgalun writes "An article on ScienceDaily reports on building machines, for $60,000, that can break 56bit keys in 10 hours. Anything under 80 bits is vulnerable. Meanwhile, most banks are using 40 bit protection and the US is restricting export of greater than 56 bit encryption software. " This doesn't surprise me that much, remembering the "Deep Crack" machine that conquered DES-II-2.

1 of 20 comments (clear)

Min score:

Reason:

Sort:

Too big to be nits by pdqlamb · 1999-01-14 21:59 · Score: 2

There are a couple of errors in this article. First, export versions of the more popular browsers have 40-bit encryption; domestic versions have 128-bit. Although with this increase in cracking speed, I sort of wonder for how many years even 128-bit encryption will be secure - that's the size the AES hopes to formalize in another 2-3 years. Will the crackers outpace the encryptors?

Second, it's my understanding that most (if not all) banks now use Triple DES. This gives them an effective key length of over 100 bits; maybe someone can chime in with the _right_ number. Banks are safe for now.