sorry it was rejected the first time so there might be some garbage in it
Whow, I'd have to check that :-) any crypto people here? :-) bitwise 56 is > 40. Mathematically it would take a lot less time to brute force 40 bit than it would 56 bit. 40 bit = (2^40) 1.0995116278e+12 (1.099.511.627.800 possible options) 56 bit = (2^56) 7.2057594038e+16 (72.057.594.038.000.000 possible options) I'm am no crypto expert whatsoever, but it looks to me like you're done a lot faster if you only have to test for only 1.099.511.627.800 keys than for 72.057.594.038.000.000. The 56bit keys were cracked under 22 hours several times far as I know. Ofcourse this is also a quesion of luck. You might be a real lucky ass and get the correct key the first try. Then again you might be an unlucky ass and get the key at the last one to try..... Once again, I'm NO crypto expert whatsoever. But it appears to me that 40bit encryption can't have more keys than that fit in 40 bits? Then again, maybe they mix several alghorythms........ I'd have to check.. I'm also sending this to distributed.net mailing lists. There are some crypto experts there, maybe they can shed some light on it. > Hang on, correct me if I'm wrong, but isn't 56bit DES significantly > different from 40-bit SSL (which uses a 40bit key for the public key > crypto and something like a 3000bit key for the symmetric cipher used for > the actual data transfer). > > What I mean is, DES is significantly weaker than the weakest part of > standard 40bit SSL yes? > > If I'm wrong, arent a lot of people putting a lot of confidence in > something that really isnt secure (i.e. all SSL sessions...)?? ------------------------------------------------------- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
