tcp-ip-protocal-stack Private Key Protocols Continue summary-web-security Web Security Overview

Private Key Algorithms cont...

The United States government routinely approves RC4 with 40 bit keys for export. Keys that are this small can be easily broken by governments, criminals, and amateurs. This general 40 bit limit that the US government applies is one that it finds it relatively trivial to break. departments such as the National Security Agency also have access to extremely powerful supercomputers which enable them to break encryption of a much higher level.

It is interesting to note that the 40 bit exportable version of SSL, using RC4, was recently broken by at least two independent groups. Breaking it took about eight days of spare computing power in a cluster of university workstations. This sort of computing power is available in all major universities and companies and increasingly on individual desks as computing power continues to rise dramatically.

IDEA

IDEA (International Data Encryption Algorithm) is an relatively new algorithm developed at ETH Zurich in Switzerland. It uses a 128 bit key, and it is generally considered to be very secure. It is currently one of the best publicly known algorithms. It is a fairly new algorithm, but it has already been around for several years, and no practical attacks on it have been published despite of numerous attempts at analysis. Unfortunately IDEA is only widely used in European security systems, US manufactures have opted to use US encryption technologies instead, despite the superiority of IDEA over algorithms such as RC4 and DES. The 40 bit encryption limit would also prove a problem if attempting re-export technology using the algorithm from the US.

Private Key Pros and Cons

Private key algorithms are used for a variety of reasons, the chief reason is performance - they can encrypt and decrypt data streams far faster than any public key algorithm, often on the order of 1,000 to 10,000 times faster. The algorithms in use today also have relatively few security holes when used with appropriately sized keys - 40 bits is generally considered to be the minimum reasonable, 80 bits is secure against all but governments with appropriate resources and 128 bits provides security which should last for several years yet.

Contents ] DNS ] p6spy ] Weblogic Tuning ] Cactus ] The Grinder ] Word to PDF ]

©1994-2006 All text and images copyright: www.abcseo.com; last updated: