Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
Using gpg for french law
bruno_vidal at hpfrcu03
Aug 3, 2000, 5:52 AM
Post #1 of 7 (580 views)
Permalink
Hi
I've succeded to compil and use gpg, it works fine, but now I've a problem
to use it in france. The law in france allow only 128bits key. So my question
is: is it possible to use gpg with 128bits key ?
In fact I've already made modifications to use it with 128bits, but I succeded
to create small key and crypt message with it, but I'm unable to decrypt it :-(
So there is a solution or not ?

Thanks.

ps: could you reply directly or cc.

--
Vidal Bruno

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
Re: Using gpg for french law [ In reply to ]
wk at gnupg
Aug 3, 2000, 6:12 AM
Post #2 of 7 (579 views)
Permalink
On Thu, 3 Aug 2000, Bruno Vidal wrote:

> I've succeded to compil and use gpg, it works fine, but now I've a problem
> to use it in france. The law in france allow only 128bits key. So my question
> is: is it possible to use gpg with 128bits key ?

If you don't use Twofish (which is not yet in the standard) your
maximum keylength is 128 bits. CAST5 and Blowfish are native 128 bit
block ciphers where 3DES is a 168 bit cipher but it's effective key
length is about 110 bits.

You mixed up the length of the public key algorithm with those of the
symmetric algorithm. You can't compare them. A 128 bit public key
does NOT provide ANY security. Even the cracked French banking card
uses more than 300 bits for the public key RSA algorithm.

Werner


--
Werner Koch GnuPG key: 621CC013
OpenIT GmbH http://www.OpenIT.de

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
Re: Using gpg for french law [ In reply to ]
jcplace at attglobal
Aug 3, 2000, 6:40 AM
Post #3 of 7 (575 views)
Permalink
On Thu, Aug 03, 2000 at 02:52:04PM +0200, Bruno Vidal wrote:
> Hi I've succeded to compil and use gpg, it works fine, but now
> I've a problem to use it in france. The law in france allow only
> 128bits key. So my question is: is it possible to use gpg with
> 128bits key ? In fact I've already made modifications to use it
> with 128bits, but I succeded to create small key and crypt
> message with it, but I'm unable to decrypt it :-( So there is a
> solution or not ?
>
I am not a crypto expert but blowfish is 128bit (or less?). ELG key is a
diferent scale all together, and only it only encripts the 128 bit
blowfish session key. That bit count on a ELG key is how large the
number to be factored is. They are not compairable to each other as far
as strength. I don't know is this is going to help but I thought I
would throw that out there. Also a 128bit ELG key I think would be
pretty insecure because as far as a computer is concerned that is a
small number to be factored. I am not a math guru but it seems that way
to me.

Good Luck
John

John C. Place
jcplace@attglobal.net
http://profile.guru.com/placej
http://placej.interactivecore.com/public_key.txt

UNIX is a very user-friendly system--it's just not promiscuous
about which users it's friendly with.

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
RE: Using gpg for french law [ In reply to ]
s.simpson at mia
Aug 3, 2000, 7:09 AM
Post #4 of 7 (576 views)
Permalink
> -----Original Message-----
> From: John C. Place [mailto:jcplace@attglobal.net]
> Sent: 03 August 2000 14:31
> To: Simpson, Sam
> Cc: gnupg-users@gnupg.org
> Subject: Re: Using gpg for french law
>
>
> On Thu, Aug 03, 2000 at 02:52:04PM +0200, Bruno Vidal wrote:
> > Hi I've succeded to compil and use gpg, it works fine, but now
> > I've a problem to use it in france. The law in france allow only
> > 128bits key. So my question is: is it possible to use gpg with
> > 128bits key ? In fact I've already made modifications to use it
> > with 128bits, but I succeded to create small key and crypt
> > message with it, but I'm unable to decrypt it :-( So there is a
> > solution or not ?
> >
> I am not a crypto expert but blowfish is 128bit (or less?).

Blowfish can accept key sizes from 1-byte (totally insecure) up to
448-bytes (overkill :)).

> ELG key is a
> diferent scale all together, and only it only encripts the 128 bit
> blowfish session key. That bit count on a ELG key is how large the
> number to be factored is.

The strength of Elgamal is not based on the difficulty of factoring but a
similar problem (the discrete log problem).

> They are not compairable to each
> other as far
> as strength. I don't know is this is going to help but I thought I
> would throw that out there. Also a 128bit ELG key I think would be
> pretty insecure because as far as a computer is concerned that is a
> small number to be factored. I am not a math guru but it seems that way
> to me.

128-bit Elgamal keys could be trivially broken.

> Good Luck
> John


It's hard to offer equivalencies for "high-end" keys because nobody has
broken them, but at the low end I'd offer the following general indicators
(note this e-mail only talks about "hardness" in terms of TIME not SPACE):

Bruce Schneier indicates that a 56-bit DES symmetric key is around 50 times
harder to break than a 512-bit RSA key.

Both 768-bit RSA & 80-bit symmetric ciphers are probably impossible to break
at the current time, but only just so.

1,024-bit RSA & 100-bit symmetric ciphers will be secure for the
"foreseeable future" (whatever that means).

Certicom suggests:
=====================================
Block Cipher RSA
Keylength Key Length
=====================================
80 1024
112 2048
128 3072
192 7680
256 15360
=====================================

Unless the algorithms are less secure than expected, or computing power
improves drastically, I'd suggest that 3072-bit RSA & 150-bit symmetric
keys will not be broken in my lifetime.

(PS: all of the comments relating to RSA above apply equally to Elgamal. In
fact, every indicator available points to Elgamal being stronger than RSA.
For example, it's been estimated that the resources used to crack a 512-bit
RSA key could only break a Elgamal in a prime field with a characteristic of
365-bits).


Hope this helps a bit?


Regards,

Sam Simpson
http://www.scramdisk.clara.net/

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
Re: Using gpg for french law [ In reply to ]
jcplace at attglobal
Aug 3, 2000, 9:10 PM
Post #5 of 7 (573 views)
Permalink
On Thu, Aug 03, 2000 at 03:09:57PM +0100, Simpson, Sam wrote:
> Blowfish can accept key sizes from 1-byte (totally insecure) up to
> 448-bytes (overkill :)).
>
Ok, so does that mean our friend from France is out of luck because it
is capable of going to what... a 3584 bit Encryption key? Also why I
have your attention what benifet is twofish? Why keep it at a 128 bit
session key? Symmetric keys usually compress faster then Public, right?
With that in mind why not max out what blowfish is able to do. Have you
heard of GnuPG supporting big keys? PGP will do 16K now. I know it is
almost rediculus that we need that key I was nust wondering it is was
compatable.

> The strength of Elgamal is not based on the difficulty of factoring but a
> similar problem (the discrete log problem).
>
Ahh I stand corrrected, the manual let me to believe it was a factoring
problem.

> 128-bit Elgamal keys could be trivially broken.
>
At least I score 1... OK a half :-)

> Hope this helps a bit?
>
pun? :-)

Thanks
John

John C. Place
jcplace@attglobal.net
http://profile.guru.com/placej
http://placej.interactivecore.com/public_key.txt

UNIX is a very user-friendly system--it's just not promiscuous
about which users it's friendly with.

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
Re: Using gpg for french law [ In reply to ]
adavid at deetya
Aug 4, 2000, 12:15 AM
Post #6 of 7 (574 views)
Permalink
"John C. Place" <jcplace@attglobal.net> writes:

> On Thu, Aug 03, 2000 at 03:09:57PM +0100, Simpson, Sam wrote:
> > Blowfish can accept key sizes from 1-byte (totally insecure) up to
> > 448-bytes (overkill :)).
> >
> Ok, so does that mean our friend from France is out of luck because it
> is capable of going to what... a 3584 bit Encryption key? Also why I
> have your attention what benifet is twofish? Why keep it at a 128 bit
> session key? Symmetric keys usually compress faster then Public, right?

In order...

What is capable of 3584 bits? Generally for a public-key algorithm
it is a total waste of effort.

Twofish is designed for and submitted as an AES candidate
See http://csrc.nist.gov/encryption/aes/ .There are other candidates
that each have their merits (except possibly MARS)

A 128bit session key is far beyond what is required for security against
a brute-force attack. Somewhere around 90bits is sufficient. Check out
how long distrubuted.net has been spinning cycles for to crack a 64bit
RC5 key.

Forgive my ignorance, but what does your compression of keys question
refer to?

> With that in mind why not max out what blowfish is able to do. Have you
> heard of GnuPG supporting big keys? PGP will do 16K now. I know it is
> almost rediculus that we need that key I was nust wondering it is was
> compatable.

Why bother. PGP doing 16kbits is, as I said, a total waste of effort and
is more for marketing than practical use.

>
> > The strength of Elgamal is not based on the difficulty of factoring but a
> > similar problem (the discrete log problem).
> >
> Ahh I stand corrrected, the manual let me to believe it was a factoring
> problem.
>
> > 128-bit Elgamal keys could be trivially broken.
> >
> At least I score 1... OK a half :-)
>
> > Hope this helps a bit?
> >
> pun? :-)
>
> Thanks
> John

--
=========================================================
Gambling: A discretionary tax on | Anthony David
those who were asleep during high | Systems Administrator
school mathematics classes |

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
RE: Using gpg for french law [ In reply to ]
s.simpson at mia
Aug 4, 2000, 1:09 AM
Post #7 of 7 (578 views)
Permalink
Hey, optimist ;)

Think of the implications: PGP (v5+) web-of-trust is now 100% broken. All
PGP (v5+) signatures could be potential forgeries. Nice.

I DON'T believe this to be true, but I also don't have any data to back it
up :) I haven't heard this opinion voiced by any of the "serious"
cryptographers?



Regards,

Sam Simpson
IT Operations Manager
MIA Ltd

Phone : 01438 735478
Fax : 01438 742682
Mobile : 07968 529673
e-mail : s.simpson@mia.co.uk

> -----Original Message-----
> From: L. Sassaman [mailto:rabbi@quickie.net]
> Sent: 04 August 2000 00:05
> To: Simpson, Sam
> Cc: gnupg-users@gnupg.org
> Subject: RE: Using gpg for french law
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thu, 3 Aug 2000, Simpson, Sam wrote:
>
> > 1,024-bit RSA & 100-bit symmetric ciphers will be secure for the
> > "foreseeable future" (whatever that means).
>
> I am sure the NSA can brute-force 1024 bit DSS keys. No , I
> have no data to back that up.
>
> __
>
> L. Sassaman
>
> System Administrator | "And all our yesterdays
> Technology Consultant | have lighted fools..."
> icq.. 10735603 |
> pgp.. finger://ns.quickie.net/rabbi | --Shakespeare
>
>
>
>
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Comment: OpenPGP Encrypted Email Preferred.
>
> iD8DBQE5ifynPYrxsgmsCmoRAthlAKD5JeIHjdx+UzSGKnSvmttPYYECYQCgnAhA
> iJ60D2HTm+49pjNdLir/Gbk=
> =z+r9
> -----END PGP SIGNATURE-----
>
> --
> Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
> with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
>

--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal