On Thursday 20 December 2001 15:37, Jon Farmer stuffed this into my mailbox:

256 bit encryption should be crackable by not too much more people than 
Microsoft, the US government, China and perhaps some others with shitloads of 
money that CAN dissapear (within reasonable time). Else there will be 
questions. Personally I found it hard to believe as well. But I'm told that 
you can have the same power for like $ 100.000,- by buying the best 
price/performance now. Make no mistake, those machines only need a mainboard, 
cpu, cooler, powersupply and a network card. Even better, we're thinking 
about x86 hardware (you and me) be appearantly there is hardware on the 
market that was specifically crafted to decrypt stuff brute force. One of 
those would probably match like a 100 or maybe even a 1000 of the P-II 266 
distributed.net has. Now if you're sure you can make $ 200.000,- by the 
credit card numbers/other info you gain from cracking it, it is already worth 
the effort.

Btw, an Athlon 1400 does 5,3 MKeys per SECOND (RC5-64)!! and those are damn 

> > I urge you strongly to advise against that. Although it might be possible
> to
> > downgrade your encryption to 40bit I'd like to make you aware of the fact
> > that DES which is 56 bit encryption if I'm not mistaken was cracked
> several
> > times by brute force in UNDER 22 hours by the distributed.net people
> > (www.distributed.net). Therefore I would NOT consider 40 bits encryption
> safe
> > and I feel obligated to make you aware of that. You are warned now :-) so
> do
> > as you please.
> Erm, yeah true.... but by their own admission they used the equivalant of
> 160000 PII 266Mhz machines to accomplish this. If you think someone is
> going to want your data and has those kinda resources available then yeah
> go for higher. However if thats your worry where are you going to stop in
> the length of your key? If your that paranoid then it shouldn't be using
> public networks in the first place!!

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to