need explanations

Sandy Harris sandy at STORM.CA
Mon Jul 10 15:51:00 EDT 2000


Olivier Bekoin wrote:
>
> Hello,
>
> When I go to this page (http://www.data.com/article/DCM20000510S0053),
> they write something that I don't understand. If you can give more
> explanations, I will be very happy.
> They write: "...    and the typical time-sensitivity of the data(which
> determines the key length required)."  I don't understand the part of
> this sentence which is in step 5, third line.

The idea is that you can use a shorter key length for data that need
only be protected for a short time, reserving the strong security for
data that needs long-term protection. If it doesn't matter whether an
enemy gets yesterday's data, who cares if the cipher takes a month or
an aeon to break?

I consider this idea bogus for several reasons.

First, larger key length does not imply higher overheads. Several common
128-bit ciphers (Blowfish, CAST-128, even IDEA which is the slowest of
this group) are significantly faster than 56-bit DES, for example.
Blowfish can use a 400-odd bit key at no extra cost, RC4 up to 2048.
It isn't clear that this gains you anything over using a minimum
secure key size, say 128 bits, but it costs nothing.

The only times the overheads of longer keys for symmetric ciphers are
actually a concern are:

   if building large keys exhausts your supply of random numbers

   if you use triple DES, which actually does take three times the
     computation that DES does
     (and roughly 10 times CAST-128 or Blowfish)

Overheads are a concern with public key ciphers. There, longer keys
mean both more arithmetic and more security.

Second, you cannot predict what will be useful to an enemy, or how
he or she will use it. There's a long history of intelligence
folk deducing interesting things from apparently trivial data.
Deny an enemy as much data as possible, just to be on the safe
side.

In short, the notion that different symmetric key sizes should be
used for different levels of security is a myth. The only reason
there has ever been to use an inadequate key size was to comply
with export restrictions.
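
The RC4 point in the reply above (keys up to 2048 bits at no extra cost), as an added example that is not part of the original post: a plain RC4 implementation with a swap counter, showing that the key schedule and the per-byte work are identical for 40-, 128- and 2048-bit keys. The function names, sample keys and sample message are constructed for this illustration.

```python
# Added illustration, not code from the original post.
# RC4 with a counter on state swaps, the cipher's unit of work.

def rc4_ksa(key: bytes):
    """Key schedule. Returns (state, swaps); always 256 steps, whatever the key length."""
    if not 1 <= len(key) <= 256:              # 8 to 2048 bits
        raise ValueError("RC4 key must be 1..256 bytes")
    s = list(range(256))
    j = swaps = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
        swaps += 1
    return s, swaps

def rc4_crypt(key: bytes, data: bytes):
    """Encrypt or decrypt data. Returns (output, swaps) with swaps = key schedule + keystream."""
    s, swaps = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for b in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        swaps += 1
        out.append(b ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out), swaps

def cost_by_key_size(message: bytes, key_bits=(40, 128, 2048)):
    """Map key size in bits -> swaps needed to encrypt `message`."""
    costs = {}
    for bits in key_bits:
        # Constructed sample key of the requested size (not a real secret).
        key = bytes((k * 7 + 1) & 0xFF for k in range(bits // 8))
        _, swaps = rc4_crypt(key, message)
        costs[bits] = swaps
    return costs

if __name__ == "__main__":
    msg = b"constructed sample message " * 4
    for bits, swaps in cost_by_key_size(msg).items():
        print(f"{bits:5d}-bit key: {swaps} state swaps")
```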
