Hosting Provided By

Re: 40-bit VS 128-bit Encryption

From: Adam Newhard <atnewhard(at)microstrain.com>
Date: Fri Jun 20 2003 - 12:11:01 EDT

It all depends on how important you feel the username and password are;) Every encryption "can" be cracked", it's just a matter of time. I'd say use 128-bit not only b/c it's stronger, but in my experiences I'd rather spend a little bit more money on hardware that'll do 128-bit w/o any notice of lag or any real performance impact. Also, think of it this way...incorporate the ignorance of many people...what kind of facial expressions are you gonna get from your bosses when you finish the project, present it to them, and one of them thinking they really know what's going on asks how many bits of encryption there are? Then when you say 40 (even though it's something really easy to change to 128...he won't understand that), think of what kind of facial expressions he'll make. In a lot of cases, you'll get some frowns. If you're producing this for someone who isn't very competent at encryption, they'll be more pleased with buzz words than anything else. In other words, if you can get 128 w/o any real performance hit...use it...not only for protection of you against people trying to break the encryption, but also for protection of you against an angry boss. if you ever get complaints from a boss that says it's too slow for them, you always have the "you told me to do it" card, but that's not always wise. adam

Adam Newhard
Microstrain, Inc.
If vegetarians eat vegetables, watch out for humanitarians

Original Message ----- From: "Stephen Bock" <sbock@smchcn.net> To: <security-basics@securityfocus.com> Sent: Thursday, June 19, 2003 1:21 PM Subject: 40-bit VS 128-bit Encryption

> I am setting up a secure website and i was wondering which would be better
or
> 128-bit has been cracked yet? I'm not going to be transmitting any credit
What
> are your thoughts?
-
> Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
> The Gartner Group just put Neoteris in the top of its Magic Quadrant,
> while InStat has confirmed Neoteris as the leader in marketshare.
>
> Find out why, and see how you can get plug-n-play secure remote access in
> about an hour, with no client, server changes, or ongoing maintenance.
>
> Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
> --------------------------------------------------------------------------

--

>

>




---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: 
http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Received on Sat Jun 21 13:41:58 2003

This message: [ Message body ]
Next message: Shawn K. Hall (RA/Security): "RE: MS Service Packs"
In reply to: Stephen Bock: "40-bit VS 128-bit Encryption"
In reply to Allan Schon: "RE: 40-bit VS 128-bit Encryption"
Next in thread: Paul Benedek: "RE: 40-bit VS 128-bit Encryption"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:04:59 EDT