[OpenAFS-devel] rxgk and better-than DES keys?

Dean Anderson dean@av8.com
Fri, 5 May 2006 19:18:53 -0400 (EDT)


On Fri, 5 May 2006, Troy Benjegerdes wrote:

> What is the status on rxgk and getting rid of DES keys in the afs server
> keyfiles?
> 
> plain old DES keys are getting close to being trivially easy to attack.
> What are the risks that someone could stiff AFS traffic and 'recover'
> your AFS Keyfile?

Umm. It's not "trivially easy" right now.  A group just recently cracked an old
german Enigma key in about a month.  (http://www.bytereef.org/m4_project.html)
By comparison, DES keys are much, much harder.  I've no doubt that Governments
with a serious cryptanalysis budget could crack them, but for most of us, our
data isn't of great interest to goverments.  Basically, we want to protect from
hackers and other simple snoops.  Hackers, I think, don't have these resources.  

Though, it might be interesting to try to reformulate the EFF DES cracking
machine with the latest generation of FPGAs, and see what the cost would be...

That said, it would be nice to get better ciphers sometime before the DES does
become trivially breakable. ;-)

		--Dean


> _______________________________________________
> OpenAFS-devel mailing list
> OpenAFS-devel@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-devel
> 
> 

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000