Archives
  Columns
  Features
  Print Archives
1994-1998
  Special
  BYTE Digest
  Michael Abrash's Graphics Programming Black Book
  101 Perl Articles
  About Us
  How to Access BYTE.com
  Write to BYTE.com
  Advertise with BYTE.com

Newsletter
Free E-mail Newsletter from BYTE.com
 
    
  HOME   ABOUT US   ARCHIVES   CONTACT US   ADVERTISE   REGISTER
Visit the home page Browse the four-year online archive Download platform-neutral CPU/FPU benchmarks Find information for advertisers, authors, vendors, subscribers Request free information on products written about or advertised in BYTE Submit a press release, or scan recent announcements Talk with BYTE's staff and readers about products and technologies

ArticlesMoore vs. Crypto

June 1 997 / Inbox / Moore vs. Crypto

In "Encryption for a Small Planet" (March), Thom Stark neglects to mention the effect of Moore's law on data security. My corollary to Moore's law is this: To maintain the same level of data security, you must increase your key length by 1 bit every year. By Moore's law, processor performance doubles every 18 months; however, there are also advances in algorithms and mathematics, as well as an increasing number of computers available to a would-be cryptanalyst. Since a doubling of computer power is equivalent to shortening the key by 1 bit, a conservative estimate is that the key length should increase by 1 bit every year.

Stark's theoretical estimates for the maximum times needed to crack keys of different lengths are correct in today's terms, but incorrect in absolute terms. In his example, RC-4 with a 56-bit key takes 2691.49 years to crack. A 56-bit key in 16 years is equivalent to a 40-bit key today. Wait 16 years, and then start your cryptanalysis: The 56 bit-key would take 16 years and 15 days to crack. If the U.S. government insists on maintaining its curre nt stance on the export of encryption technology, then it should at least frame future legislation to allow cryptography vendors to increase key lengths by 1 bit every year, with a review of the baseline, say, every 10 years.

Martin Budden
Richmond, Surrey, U.K.
martinjb@cix.compulink.co.uk

There's nothing absolute about Moore's law; it's an observation of a trend, and the trend will slam into the realities of minimum scale and maximum waste heat transfer before too many more microprocessor generations elapse. Your argument about advances in algorithms is a better one; there might be indefinite room for improvement there.

The ground on which the U.S. government maintains its limits on exportable enc ryption strength amounts to "we have to be able to decipher the bad guys' traffic." If you buy that, then there's no reason to ever increase the key-length limit. Of course, strong encryption is available from non-U.S. vendors, and further, if criminals and terrorists don't respect laws against crime and terror, why would anyone expect them to respect laws against exporting strong encryption?--Thom Stark

Up to the Inbox section contentsGo to previous article: No 40-bit PGPGo to next article: Lame Review?SearchSend a comment on this articleSubscribe to BYTE or BYTE on CD-ROM  
Flexible C++
Matthew Wilson
My approach to software engineering is far more pragmatic than it is theoretical--and no language better exemplifies this than C++.

more...

BYTE Digest

BYTE Digest editors every month analyze and evaluate the best articles from Information Week, EE Times, Dr. Dobb's Journal, Network Computing, Sys Admin, and dozens of other CMP publications—bringing you critical news and information about wireless communication, computer security, software development, embedded systems, and more!

Find out more
BYTE.com Store

BYTE CD-ROM
NOW, on one CD-ROM, you can instantly access more than 8 years of BYTE.
 
The Best of BYTE Volume 1: Programming Languages
The Best of BYTE
Volume 1: Programming Languages
In this issue of Best of BYTE, we bring together some of the leading programming language designers and implementors...

Copyright © 2005 CMP Media LLC, Privacy Policy, Your California Privacy rights, Terms of Service
Site comments: webmaster@byte.com
SDMG Web Sites: BYTE.com, C/C++ Users Journal, Dr. Dobb's Journal, MSDN Magazine, New Architect, SD Expo, SD Magazine, Sys Admin, The Perl Journal, UnixReview.com, Windows Developer Network