[Gllug] Encryption, was Re: Are there any expect experts out there?
Tethys
tet at accucard.com
Mon Apr 14 08:48:16 UTC 2003
Anthony Chapman writes:
>On a related note, what does everyone think of DES for a VPN? Is it
>paranoid to insist on 3DES? Hmm, I guess the answer to that is yes, so
>the question should be: Is it paranoid in a bad way?
Put it this way. Cracking DES is so easy, there's even an O'Reilly book
about it:
http://www.oreilly.com/catalog/crackdes/
Moore's law means that to build a hardware crackker like the EFF's
Deep Crack should now only cost around US$25,000, or less if you
don't mind it taking a bit longer -- if you were prepared to have it
take, say, a couple of weeks to crack, then you could probably get
the price down to under $5,000 -- the price of an entry level server.
So ultimately, it depends on the data you're encrypting. Does it have
sufficient value to a competitor (or perhaps someone with a grudge)
that they'd be prepared to buy a server to get at the data? If it
does (and if it doesn't, why are you using VPN in the first place?),
then you want to be using something stronger than DES.
Tet
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list