Banks and 128 bit DES
Ben Laurie
ben at algroup.co.uk
Mon, 20 Mar 2000 14:17:53 +0000
Ian G Batten wrote:
>
> > > My browser doesn't mention "SSL 128 BIT DES encryption", though
> > > obviously it mentions 56 bit DES and 168 bit triple DES. Is there a
> > > new form of 128 bit DES and am I out of touch?
> >
> > No.
>
> I thought that `Step Up' certificates, and the new US export
> regulations, placed a limit at 128 bits? It's possible that the bank's
> let the cat out of the bag, and they're using 3DES with 40 fixed bits.
Hmm. Although 3DES uses 168 bits, it has an effective strength of 112
bits. The 128 bit limit is simply due to their being no available
symmetric ciphers that are stronger. Until AES+a few years, that is.
Cheers,
Ben.
--
SECURE HOSTING AT THE BUNKER: http://www.thebunker.net/hosting.htm
http://www.apache-ssl.org/ben.html
Coming to ApacheCon Europe? http://ApacheCon.Com/