On 9/06/11 6:38 PM, Jay Daley wrote:
For those of you not on the NZISIG list, the following messages were posted there by Peter Guttmann on the subject of key sizes, which he has agreed I can repost to this list:
Ooooooh, I'll see your Guttmann and raise you a Guttmann (Hi Peter).
Peter's right of course, but he's also fighting an up hill battle here. And it's not the first time. I'll give you an example: Among the things that Peter is well known for, one of them is the "Guttmann Method" for wiping hard drives. You've all heard about it. Wiping a drive by overwriting it 35 times with differing patterns etc. Many of you may have used it. Many may have recommended it as being the one true way to wipe disks. It's become a cult following in IT circles, right the way into government even. But how many of you have read the Epilogue to the paper? "In the time since this paper was published, some people have treated the 35-pass overwrite technique described in it more as a kind of voodoo incantation to banish evil spirits than the result of a technical analysis of drive encoding techniques. As a result, they advocate applying the voodoo to PRML and EPRML drives even though it will have no more effect than a simple scrubbing with random data. In fact performing the full 35-pass overwrite is pointless for any drive since it targets a blend of scenarios involving all types of (normally-used) encoding technology, which covers everything back to 30+-year-old MFM methods (if you don't understand that statement, re-read the paper). If you're using a drive which uses encoding technology X, you only need to perform the passes specific to X, and you never need to perform all 35 passes." Sound familiar? And no one takes notice of it. People still swear by the 35 pass method and say that it's the safest. I've even had people refuse to accept disks as wiped if you use anything BUT the Guttmann Method. They are all wrong, but you just can't beat public perception [1]. I believe that Peter may very well be right about 1280 bits being enough, but are you really going to be able to convince everyone else to trust that? If people look at .com and it uses 2048 and .nz and they use 1280 bit, are they really going to do all the investigation we just have in order to assess the true security? They certainly don't do the research when they wipe harddrives. My final word on this is "1280 may well be enough from a security point of view, but there will be latent trust issues within the .nz target market if a key less then 2048 is chosen while other domains have adopted 2048". NZRS and the DNCL may want to consider this Regards, Dean [1] Unless you have an episode on mythbusters, then people never shut up about it being "BUSTED" =)