Using gpg for french law

Simpson, Sam
Thu, 3 Aug 2000 15:09:57 +0100

> -----Original Message-----
> From: John C. Place []
> Sent: 03 August 2000 14:31
> To: Simpson, Sam
> Cc:
> Subject: Re: Using gpg for french law
> On Thu, Aug 03, 2000 at 02:52:04PM +0200, Bruno Vidal wrote:
> > Hi I've succeded to compil and use gpg, it works fine, but now
> > I've a problem to use it in france. The law in france allow only
> > 128bits key. So my question is: is it possible to use gpg with
> > 128bits key ? In fact I've already made modifications to use it
> > with 128bits, but I succeded to create small key and crypt
> > message with it, but I'm unable to decrypt it :-( So there is a
> > solution or not ?
> >
> I am not a crypto expert but blowfish is 128bit (or less?).
Blowfish can accept key sizes from 1-byte (totally insecure) up to 448-bytes (overkill :)).
> ELG key is a
> diferent scale all together, and only it only encripts the 128 bit
> blowfish session key. That bit count on a ELG key is how large the
> number to be factored is.
The strength of Elgamal is not based on the difficulty of factoring but a similar problem (the discrete log problem).
> They are not compairable to each
> other as far
> as strength. I don't know is this is going to help but I thought I
> would throw that out there. Also a 128bit ELG key I think would be
> pretty insecure because as far as a computer is concerned that is a
> small number to be factored. I am not a math guru but it seems that way
> to me.
128-bit Elgamal keys could be trivially broken.
> Good Luck
> John
It's hard to offer equivalencies for "high-end" keys because nobody has broken them, but at the low end I'd offer the following general indicators (note this e-mail only talks about "hardness" in terms of TIME not SPACE): Bruce Schneier indicates that a 56-bit DES symmetric key is around 50 times harder to break than a 512-bit RSA key. Both 768-bit RSA & 80-bit symmetric ciphers are probably impossible to break at the current time, but only just so. 1,024-bit RSA & 100-bit symmetric ciphers will be secure for the "foreseeable future" (whatever that means). Certicom suggests: ===================================== Block Cipher RSA Keylength Key Length ===================================== 80 1024 112 2048 128 3072 192 7680 256 15360 ===================================== Unless the algorithms are less secure than expected, or computing power improves drastically, I'd suggest that 3072-bit RSA & 150-bit symmetric keys will not be broken in my lifetime. (PS: all of the comments relating to RSA above apply equally to Elgamal. In fact, every indicator available points to Elgamal being stronger than RSA. For example, it's been estimated that the resources used to crack a 512-bit RSA key could only break a Elgamal in a prime field with a characteristic of 365-bits). Hope this helps a bit? Regards, Sam Simpson -- Archive is at - Unsubscribe by sending mail with a subject of "unsubscribe" to