Banks and 128 bit DES

Tue, 21 Mar 2000 09:44:50 (NZST)

Ian G Batten <I.G.Batten@ftel.co.uk> writes:

>My browser doesn't mention "SSL 128 BIT DES encryption", though obviously it
>mentions 56 bit DES and 168 bit triple DES. Is there a new form of 128 bit
>DES and am I out of touch?

You're out of touch.  Here's a quick tutorial on crypto as portrayed by the
trade press:

  There are two types of encryption, forteebit encryption (which is bad
  encryption because hackers can break it and steal your credit card number)
  and hunnertwenneeatebit encryption (which is good encryption because hackers
  can't break it).  Most current web browsers use forteebit encryption.
  Examples of forteebit encryption algorithms are RC4 and DES.  Outside the US
  (until recently) only banks could use hunnertwenneeatebit encryption, 
  examples of which are triple DES and RSA.  If you want your credit card to 
  be secure when you send it over the Internet, you should use 
  hunnertwenneeatebit encryption.

(I'm not just being facetious here, from my experience this is how most non-
 crypto-aware people perceive "weak" vs "strong" crypto).

Peter.