RE: [U2] Encrypt Algorithms
John, Thanks for your useful insights. From what I read, DES-III was indeed cracked in 1999 by a brute force attack, by a program that generated 199 billion keys per second. http://gilchrist.ca/jeff/distrib-des3.html And as you've noted, Joe Hacker doesn't usually have enough hardware, time, or resources to check over 72,057,594,037,927,936 keys to find yours. For those interested in encrypting some 'data at rest', I learned from Nik @ IBM today that UV 10.2 will have auto encryption. Some on this list have probably already read this from the 10.2 release highlights but this was news to me. In UV 10.2 (not sure the UD version that will have the same) you will simply specify what files or fields you want encrypted when at rest. When you write or read UV will encrypt/decrypt as part of the intrinsic i/o methodology. This is good news - now to weigh the other heart aches that may be involved in an upgrade oh yes ... 10.1 and 10.2 have the AES 256bit cipher. Which is what the US Fed govt has standardized on http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf -Baker I believe DES was cracked in a day using massively parallel computing. I don't know about DES3. We're using the DES3 capability built into UV. I think any encryption is going to be crackable given enough time and money on the part of the cracker. You have to ask yourself how valuable is the data I'm encrypting, and who is it valuable to. If you want to keep your data hidden from the intelligence services of a major government (eg. you work for a DOD sub-contractor), then you've got your work cut out for you. If you want to keep some credit card numbers hidden from Joe Hacker, probably any 128-bit encryption method is enough to send him looking for easier prey. This is all just my opinion of course. -John --- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/
[U2] Encrypt Algorithms
Does anyone have an opinion about which are the best encryption algorithms to use? If you have any technical doc citations this is very useful. Would you NOT use the U2 Encrypt function simply because it doesn't offer the algorithm you need (or one mandated by your client/employer)? Would you NOT use the U2 Encrypt function simply because it doesn't offer 256 or 512 bit encryption? (Only goes to 168.) Do you think a certain algorithm should be AVOIDed because it's been cracked? I've heard des3 has been cracked, but not sure which mode (cbc, cfb, or ofb) was cracked, or whether it matters. The discussion can take in other encryption methods, openssl, gpg, etc. U2 offers rc4, des3, rc2, rc5 - I'm not listing anything 128 bit. TIAA, R. Baker Hughes UniVerse Programming Mouser Electronics, Inc. (817) 804-3598 * [EMAIL PROTECTED] * --- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/
RE: [U2] Encrypt Algorithms
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Baker Hughes Sent: Friday, August 25, 2006 1:35 PM To: u2-users@listserver.u2ug.org Subject: [U2] Encrypt Algorithms Do you think a certain algorithm should be AVOIDed because it's been cracked? I've heard des3 has been cracked, but not sure which mode (cbc, cfb, or ofb) was cracked, or whether it matters. The discussion can take in other encryption methods, openssl, gpg, etc. U2 offers rc4, des3, rc2, rc5 - I'm not listing anything 128 bit. I believe DES was cracked in a day using massively parallel computing. I don't know about DES3. We're using the DES3 capability built into UV. I think any encryption is going to be crackable given enough time and money on the part of the cracker. You have to ask yourself how valuable is the data I'm encrypting, and who is it valuable to. If you want to keep your data hidden from the intelligence services of a major government (eg. you work for a DOD sub-contractor), then you've got your work cut out for you. If you want to keep some credit card numbers hidden from Joe Hacker, probably any 128-bit encryption method is enough to send him looking for easier prey. This is all just my opinion of course. -John --- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/
