[NTLUG:Discuss] OT: Cryptography Key Length
Chris Cox
cjcox at acm.org
Sat May 26 17:11:55 CDT 2007
Dennis Rice wrote:
> Just wanting to start a general topic discussion regarding encrypting of
> a message. I am assuming that all have some familiarity with GPG (alias
> PGP) in the open source world.
>
> The old legal limits to encryption using a symmetric key was 56 bits,
> and is now 128 if I understand correctly. Today, I am under the
> impression that an asymmetric key is equivalent to a shorter symmetric key.
>
:)
http://www.bis.doc.gov/encryption/default.htm
To fly fairly clean (regulations are messy)... <=64 bits symmetric and
<=1024 bits asymmetric seems to be the rule (no promises on that...
read it yourself).
However, there are rules and such that can be followed to allow
for greater lengths. I think the above is just if you don't want
to have to ask "Mother, may I?"
There are some specific exemptions for certain technologies (e.g.
network encryption and such... which just shows the government's
lack of understanding of things).
And of course, we're talking about export. Obviously you can
create keys of any length to your hearts content.
More information about the Discuss
mailing list