From owner-freebsd-hackers  Sun Feb 11 05:58:11 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id FAA07890
          for hackers-outgoing; Sun, 11 Feb 1996 05:58:11 -0800 (PST)
Received: from ibp.ibp.fr (ibp.ibp.fr [132.227.60.30])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id FAA07884
          for <freebsd-hackers@FreeBSD.org>; Sun, 11 Feb 1996 05:58:06 -0800 (PST)
Received: from blaise.ibp.fr (blaise.ibp.fr [132.227.60.1])
	by ibp.ibp.fr (8.6.12/jtpda-5.0) with ESMTP id OAA29025
	; Sun, 11 Feb 1996 14:58:04 +0100
Received: from (uucp@localhost)
	by blaise.ibp.fr (8.6.12/jtpda-5.0) with UUCP id OAA12706
	; Sun, 11 Feb 1996 14:58:06 +0100
Received: (from roberto@localhost) by keltia.freenix.fr (8.7.3/keltia-uucp-2.7) id OAA06066; Sun, 11 Feb 1996 14:39:08 +0100 (MET)
From: Ollivier Robert <roberto@keltia.freenix.fr>
Message-Id: <199602111339.OAA06066@keltia.freenix.fr>
Subject: Re: Non-US DES
To: segura@worldnet.net (Fabrice Segura)
Date: Sun, 11 Feb 1996 14:39:08 +0100 (MET)
Cc: freebsd-hackers@FreeBSD.org
In-Reply-To: <199602111237.NAA12930@storm.certix.fr> from Fabrice Segura at "Feb 11, 96 01:37:23 pm"
X-Operating-System: FreeBSD 2.2-CURRENT ctm#1630
X-Mailer: ELM [version 2.4ME+ PL5 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@FreeBSD.org
Precedence: bulk

It seems that Fabrice Segura said:
> I guess US users don't see a reason to have easily breakable systems. (Just
> in a few days/weeks using brute force)

If   you   think  the  DES  (or  MD5)  is  that   breakable,  you're  for a
disappointment. Don't believe  eveyone who says  DES is dead... The fastest
way (the 3.5 M$ machine  for 3h1/2) requires   something like 2^47 or  2^48
cleartext-crypto couples (8   bytes each). Guess   how many bytes  it means
(hint: too many) ?

There are better algorithms of course (IDEA for example). 

> My question is, as it has been the case with PGP262i, couldn't someone make
> a crypt package based on IDEA algorithm, that would be compatible in coding
> with the regular DES package, and as solid, of course.

The MD5-based package is already believed to be stronger than the DES-based
one. But  don't forget interoperability.  It is useless  to try to  use MD5
when all the other machines all around you use DES.
 
> (I forgot to mention that I'm French, and I don't like the both the idea of
> putting my country in the same bag as Iran and Irak, and that my governement
> wants to read my mail)

So am I :-)
-- 
Ollivier ROBERT    -=- The daemon is FREE! -=-    roberto@keltia.frmug.fr.net
   FreeBSD keltia.freenix.fr 2.2-CURRENT #5: Sun Feb  4 03:11:17 MET 1996