On Fri, 5 May 2006, Troy Benjegerdes wrote: > What is the status on rxgk and getting rid of DES keys in the afs server > keyfiles? > > plain old DES keys are getting close to being trivially easy to attack. > What are the risks that someone could stiff AFS traffic and 'recover' > your AFS Keyfile?
Umm. It's not "trivially easy" right now. A group just recently cracked an old german Enigma key in about a month. (http://www.bytereef.org/m4_project.html) By comparison, DES keys are much, much harder. I've no doubt that Governments with a serious cryptanalysis budget could crack them, but for most of us, our data isn't of great interest to goverments. Basically, we want to protect from hackers and other simple snoops. Hackers, I think, don't have these resources. Though, it might be interesting to try to reformulate the EFF DES cracking machine with the latest generation of FPGAs, and see what the cost would be... That said, it would be nice to get better ciphers sometime before the DES does become trivially breakable. ;-) --Dean > _______________________________________________ > OpenAFS-devel mailing list > [email protected] > https://lists.openafs.org/mailman/listinfo/openafs-devel > > -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
