
	Where results make sense

Topic: Key lengths

Related Topics

Key West, Florida

The Lesser Key of Solomon

key cryptography

key music

public key cryptography

Key West

Florida Keys

asymmetric key algorithm

Alicia Keys

symmetric key algorithm

public key

Cryptographic keys

In the News (Sun 27 Dec 09)

Northern Trust

Marvin Harrison

Peter Chernin

Gary Locke

Match Play

Penelope Cruz

Mickey Rourke

AR Rahman

Danny Boyle

Hugh Jackman

	RSA Laboratories - A Cost-Based Security Analysis of Symmetric and Asymmetric Key Lengths
		It is clear that the size of a key must be tied to the value of the data being protected by the key and also tied to the expected lifetime of that data.
		Other attempts to define key sizes, such as Lenstra?s and Odlyzko?s [9] have based their estimates on the assumption that most of the CPU cycles on machines attached to the Internet will be available for attacks.
		It is our belief that measuring key size equivalents in terms of what can be broken in a given amount of elapsed time and with a given amount of money is closer to measuring the true equivalence between different public key methods.
	www.rsa.com /rsalabs/node.asp?id=2088 (7581 words)

	Key (cryptography) - Wikipedia, the free encyclopedia
		Keys are also used in other cryptographic algorithms, such as digital signature schemes and keyed-hash functions (also known as MACs), often used for authentication.
		A newer class of "public key" cryptographic algorithms was discovered in the 1970s which use a pair of keys, one to encrypt and one to decrypt.
		When a password (or passphrase) is used as an encryption key, well-designed cryptosystems first run it through a key-derivation algorithm which adds salt and reduces or expands it to the key length desired, for example by reducing a long phrase into a 128-bit value suitable for use in a block cipher.
	en.wikipedia.org /wiki/Key_(cryptography) (854 words)

	Key size
		In cryptography, the key size (alternatively key length) is a measure of the number of possible keyss which can be used in a cipher.
		The length of a key is critical in determining the susceptibility of a cipher to exhaustive search attacks.
		As of 2002, a key length of 1024 bits was generally considered the minimum necessary for the RSA encryption algorithm.
	www.sciencedaily.com /encyclopedia/key_size (1113 words)

	Cryptography:Key Lengths - Wikibooks
		In modern cryptosystems, key length is measured in bits (i.e., AES uses 256 bit keys), and each bit of a key increases the difficulty of a brute-force attack exponentially.
		These implementations use the public key system (generally either RSA or ElGamal) to encrypt a randomly generated block-cipher key (128 to 256 bits) which was used to encrypt the actual message.
		Equal to the importance of key length, is entropy.
	en.wikibooks.org /wiki/Cryptography:Key_Lengths (352 words)

	Cryptography
		If a cryptosystem uses a key or a password, it is at risk from an exhaustive search; this is very commonly the weakest point in such systems.
		Symmetric key ciphers use the same key for encryption and decryption, or a little more precisely, the key used for decryption is "easy" to calculate from the key used for encryption.
		This means that someone can freely send their public key out over an insecure channel and yet be sure that only they can decrypt messages encrypted with it.
	www.sciencedaily.com /encyclopedia/cryptography_1 (2240 words)

	rfc3766
		While it is fairly easy to express the system strength requirements in terms of a symmetric key length and to choose a cipher that has a key length equal to or exceeding that requirement, it is harder to choose a public key that has a cryptographic strength meeting a symmetric key strength requirement.
		Diffie-Hellman Key Exchange A Diffie-Hellman key exchange is done with a finite cyclic group G with a generator g and an exponent x.
		Orman and Hoffman Best Current Practice [Page 17] RFC 3766 Determining Strengths for Public Keys April 2004 The usual recommendation is to use a good one-way hash function applied to he base material (the result of the key exchange) and to use a subset of the hash function output for the key.
	ietfreport.isoc.org /idref/rfc3766 (6967 words)

	RFC 2631 (rfc2631) - Diffie-Hellman Key Agreement Method
		For 3DES, which requires 192 bits of keying material, the algorithm must be run twice, once with a counter value of 1 (to generate K1', K2', and the first 32 bits of K3') and once with a counter value of 2 (to generate the last 32 bits of K3).
		Key and Parameter Requirements X9.42 requires that the group parameters be of the form p=jq + 1 where q is a large prime of length m and j>=2.
		It depends on the length of the symmetric key (typically, a 2^l security level if the length is l bits); the size of the prime q (a 2^{m/2} security level); and the size of the prime p (where the security level grows as a subexponential function of the size in bits).
	www.faqs.org /rfcs/rfc2631.html (2700 words)

	Key management and protection: Internet Protocol Security (IPsec) (Site not responding. Last check: 2007-10-17)
		Keys are used in conjunction with algorithms (a mathematical process) to secure data.
		Every time the length of a key is increased by one bit, the number of possible keys doubles, making it exponentially more difficult to determine the key.
		Thus the session keys are used to protect the data, and they have lifetimes based on the amount of data sent and the amount of time elapsed since the key started being used.
	www.microsoft.com /technet/prodtechnol/windowsserver2003/library/serverhelp/ec4bc2a7-3e89-48c1-a16c-7dab4a2a1190.mspx (1772 words)

	Minimal key lengths for symmetric ciphers for commercial security (Site not responding. Last check: 2007-10-17)
		Minimal key lengths for symmetric ciphers for commercial security
		"keys used to protect data today should be at least 75 bits long.
		To protect information adequately for the next 20 years in the face of expected advances in computing power, keys in newly-deployed systems should be at least 90 bits long." The full report (apparently the product of a one-day meeting of the group in Chicago on November 20) is available at: [http://www.bsa.org/bsa/cryptologists.html]
	www.ieee-security.org /Cipher/Newsbriefs/1996/960214.keylen.html (130 words)

	Citations: A Cost-Based Security Analysis of Symmetric and Asymmetric Key Lengths - Silverman (SMEALSearch) - ... (Site not responding. Last check: 2007-10-17)
		The complexity a brute force attack against 1024 bit RSA asymmetric key is equivalent to 96 bit symmetric key (effective key length of 3DES is 112 bits) Estimated time to break 96 bit symmetric key or 1 024 bits asymmetric key using brute force attack is 3 000 000 years.
		Recommended effective key length for symmetric algorithms is 96 bits and 1 024 bits for asymmetric algorithms, just to be sure.
		The increase of key length has linear effect to the performance of the algorithm but exponential effect to the security.
	smealsearch2.psu.edu /context/34497/0 (152 words)

	Zvon - RFC 3075 [XML-Signature Syntax and Processing] - Security Considerations
		Confidence by verifiers in the public key they are using and its binding to the entity or capabilities represented by the corresponding private key is an important issue, usually addressed by certificate or online authority systems.
		Keyed hash authentication codes, based on secret keys, are typically much more efficient in terms of the computational effort required but have the characteristic that all verifiers need to have possession of the same key as the signer.
		This includes the signature and digest algorithms used, the strength of the key generation [RANDOM] and the size of the key, the security of key and certificate authentication and distribution mechanisms, certificate chain validation policy, protection of cryptographic processing from hostile observation and tampering, etc.
	www.zvon.org /tmRFC/RFC3075/Output/chapter8.html (1139 words)

	Key-Experiments
		Additional Decryption Keys had got into the center of criticism because they are linked to a user's public key in a way that every attempt to use the user's public key for encryption would result in an additional encryption of the plaintext using the ADK.
		Therefore no access to the user's secret key was needed to recover the plaintext by decrypting the message with the ADK, a key which was clearly meant not to be in control of the user.
		This key produced a cryptogram which comprised a second packet with the session-key encrypted with the subkey of the DSS/DH-key whose fingerprint was in the ADK.
	senderek.de /security/key-experiments.html (7655 words)

	DNSSEC mailing list
		i do not understand how new root keys will get to all the dnssec-aware resolvers.
		Prev by Date: Re: root zone signing and key lengths/lifetimes
		Prev by thread: Re: root zone signing and key lengths/lifetimes
	www.cafax.se /dnssec/maillist/2002-10/msg00007.html (71 words)

	Zvon - RFC 3125 [Electronic Signature Policies] - Annex B (informative):
		Before an electronic signature may really be valid, the verifier has to be sure that the holder of the private key was really the only one in possession of key at the time of signing.
		The signature validation policy may identify a set of signing algorithms (hashing, public key, combinations) and minimum key lengths that may be used: * by the signer in creating the signature; * in end entity public key Certificates; * CA Certificates; * attribute Certificates; * by the time-stamping authority.
		For example, there may exist a particular file type, length and format on which the hash value is calculated which is fixed and definitive for a particular signature policy.
	www.zvon.org /tmRFC/RFC3125/Output/chapter9.html (2745 words)

	Re: Why must server and host key lengths "differ sufficiently"?
		As part of the session startup, the client generates a session key and sends it back to the server, encrypted with both the host key and server key.
		Once you've encrypted a number with RSA, the result is (in practice) always as large as the modulus.
		Which means that if you're going to try to encrypt the result again, the modulus of the second key must be at least Y bits larger than the modulus for the first.
	www.mail-archive.com /ssh@clinet.fi/msg00034.html (267 words)

	Clinton Administration Initiatives: Clipper II
		The Commercial Key Escrow initiative, dubbed "Clipper II" for its similarity to its policy predecessor, relaxed export controls on key lengths up to 64 bits provided that an encryption key was escrowed with a US government certified agent.
		The premise of the key escrow policy was to provide law enforcement and national security agencies a "front door" to be used to decrypt messages when the agency obtains proper legal authorization.
		Yet, the architects of the policy apparently were not willing to trust that key escrow systems will meet law enforcement needs inasmuch as the key length limit suggests that the Administration was intent on maintaining an extra-legal method of decrypting communications.
	www.cdt.org /crypto/admin/clipper2.shtml (940 words)

	Cryptography Research - DES Key Search
		The DES Key Search Project developed specially designed hardware and software to search 90 billion keys per second, determining the key and winning the $10,000 RSA DES Challenge after searching for 56 hours.
		The DES Key Search Machine was a collaborative project by Cryptography Research, Advanced Wireless Technologies, and EFF.
		The DES Key Search Machine uses a sieve-and-check search process that can find keys even when little is known about the plaintext.
	www.cryptography.com /resources/whitepapers/DES.html (564 words)

	RSA Laboratories Bulletin #13: A Cost-Based Security Analysis of Symmetric and Asymmetric Key Lengths (Site not responding. Last check: 2007-10-17)
		It is clear that the size of a key must be tied to the value of the data being protected by the key and also tied to the expected lifetime of that data.
		Other attempts to define key sizes, such as Lenstra’s and Odlyzko’s [9] have based their estimates on the assumption that most of the CPU cycles on machines attached to the Internet will be available for attacks.
		It is our belief that measuring key size equivalents in terms of what can be broken in a given amount of elapsed time and with a given amount of money is closer to measuring the true equivalence between different public key methods.
	www.nullify.org /docs/bulletin13/bulletin13.html (9701 words)

	Cryptographers
		The sizes of encryption keys are measured in bits and the difficulty of trying all possible keys grows exponentially with the number of bits used.
		An essential element in cryptographic algorithm design is thus the length of the key, whose size places an upper bound on the system's strength.
		All known public key cryptosystems, however, are subject to shortcut attacks and must therefore use keys ten or more times the lengths of those discussed here to achieve the an equivalent level of security.
	www.fortify.net /related/cryptographers.html (4172 words)

	Planning Guidance for Certificate Services Design for the SBO Scenario
		These routers cannot process key lengths that are greater than 2048 bits; therefore, they require a CA that supports the Simple Certificate Enrollment Protocol (SCEP).
		If there had been no key length constraints with the existing hierarchy, the SCEP extension could have been installed on one of the existing enterprise CAs.
		In the SBO scenario, certificates with a key length of 1024 bits were defined for hardware routers.
	www.microsoft.com /technet/itsolutions/wssra/raguide/CertificateServices/CrtSevcPG_3.mspx (1373 words)

	virus: virus: Key lengths (Site not responding. Last check: 2007-10-17)
		As previously hinted, I consider key lengths of less than 1k to be seriously weak (a few hours), 2k to be moderate (3 days) and 4k to be sufficient for non-critical material (for critical material, the only safe key is a one-time private key).
		While the reality of implementing the hardware discussed in the paper in a typical commercial environment is limited (costs can range upward of $1 billion), the potential for large government organizations (local and foreign) isn\'t.
		In general, our recommendation is to have all future-generated keys be larger than 1024 bits and to look at updating current keys when time and resources permit.
	www.churchofvirus.org /virus/6328.html (295 words)

	MySQL Lists: mysql: Re: key lengths
		BLOBS and TEXT columns used as indices require the length to be specifically enumerated.
		Re: key lengths - Mike Thompson, March 7 2001 2:48pm
		Re: key lengths - Jeremy D. Zawodny, March 10 2001 2:45am
	lists.mysql.com /mysql/67507 (158 words)

	[No title] (Site not responding. Last check: 2007-10-17)
		If the root private key is compromised then rogue certs could be issued.
		REALITY: The private key is password encrypted with a password that lives in someone’s head.
		Of course a disadvantage of PKC is that it contributes to a false sense of security in that it is possible for someone to embed a rogue public key in a browser (e.g.
	www.ccs.neu.edu /course/csu650/Lecture-19.doc (337 words)

	Fwd: I-D ACTION:draft-orman-public-key-lengths-00.txt
		Hilarie Orman and I put together a draft with some calculations on the size of public keys you may want to use in key exchanges.
		> >While it is fairly easy to express the system strength requirements in >terms of a symmetric key length and to choose a cipher that has a key >length equal to or exceeding that requirement, it is harder to choose a >public key that has a cryptographic strength meeting a symmetric key >strength requirement.
		This document explains how to determine the >length of an asymmetric key as a function of the length of a symmetric >key.
	bs.mit.edu /pipermail/saag/2000q1/000094.html (501 words)

	Key-Mark Key steel lengths (Site not responding. Last check: 2007-10-17)
		Key-Mark provides key steel in square and rectangular metric or imperial standards and stainless steel square bar.
		Both key steel and stainless steel are available cut to any length from 100 to 3000mm.
		Send mail to kmray@mweb.co.za with questions or comments about this web site.
	home.mweb.co.za /mw/mwkeymrk/steelbars.htm (45 words)

	MySQL Lists: mysql: Re: key lengths (Site not responding. Last check: 2007-10-17)
		The used key part isn't a string or > the used length is longer than the key part No key part can be greater than 255 in lenght.
		But multi-part keys can be longer (in total) than 255.
		Re: key lengths - Pat Sherrill, March 7 2001 1:58pm
	lists.mysql.com /mysql/67851 (170 words)

	Software Magazine - Do Configuration Management During Design & Development
		This includes which cipher suites are used and their key lengths.
		For secure cryptographic key management, keys should be stored in well-protected locations through the use of appropriate access-control mechanisms.
		Keys should never be placed in the source code or even in configuration files; developers must always assume that secrets stored in code or configuration files will be compromised.
	www.softwaremag.com /L.cfm?Doc=2005-10/2005-10-config-man (2260 words)

	Minimal Key Lengths for Symmetric Ciphers
		As cryptosystems often succumb to 'smarter' attacks than brute-force key search, it is also important to remember that the key lengths discussed here are the minimum needed for security against the computational threats considered.
		Therefore, to provide adequate protection against the most serious threats --- well-funded commercial enterprises or government intelligence agencies --- keys used to protect data today should be at least 75 bits long.
		To protect information adequately for the next 20 years in the face of expected advances in computing power, keys in newly deployed systems should be at least 90 bits long.
	www.schneier.com /paper-keylength.html (368 words)

	SSL question 128bit, 1024,2048 key lengths? - sysadminforum (Site not responding. Last check: 2007-10-17)
		the larger key would be used for asymetric encryption of the symetric key
		using PKE and that the symetric key would be the smaller 128 bit...
		supposedly the key size of the symmetric key is basically chosen
	sysadminforums.com /t160180.html (283 words)

Try your search on: Qwika (all wikis)