Using gpg for french law

Anthony David
Fri, 4 Aug 2000 17:15:13 +1000 (EST)

"John C. Place" <> writes:

> On Thu, Aug 03, 2000 at 03:09:57PM +0100, Simpson, Sam wrote:
> > Blowfish can accept key sizes from 1-byte (totally insecure) up to
> > 448-bytes (overkill :)).
> >
> Ok, so does that mean our friend from France is out of luck because it
> is capable of going to what... a 3584 bit Encryption key? Also why I
> have your attention what benifet is twofish? Why keep it at a 128 bit
> session key? Symmetric keys usually compress faster then Public, right?
In order... What is capable of 3584 bits? Generally for a public-key algorithm it is a total waste of effort. Twofish is designed for and submitted as an AES candidate See .There are other candidates that each have their merits (except possibly MARS) A 128bit session key is far beyond what is required for security against a brute-force attack. Somewhere around 90bits is sufficient. Check out how long has been spinning cycles for to crack a 64bit RC5 key. Forgive my ignorance, but what does your compression of keys question refer to?
> With that in mind why not max out what blowfish is able to do. Have you
> heard of GnuPG supporting big keys? PGP will do 16K now. I know it is
> almost rediculus that we need that key I was nust wondering it is was
> compatable.
Why bother. PGP doing 16kbits is, as I said, a total waste of effort and is more for marketing than practical use.
> > The strength of Elgamal is not based on the difficulty of factoring but a
> > similar problem (the discrete log problem).
> >
> Ahh I stand corrrected, the manual let me to believe it was a factoring
> problem.
> > 128-bit Elgamal keys could be trivially broken.
> >
> At least I score 1... OK a half :-)
> > Hope this helps a bit?
> >
> pun? :-)
> Thanks
> John
-- ========================================================= Gambling: A discretionary tax on | Anthony David those who were asleep during high | Systems Administrator school mathematics classes | -- Archive is at - Unsubscribe by sending mail with a subject of "unsubscribe" to