On 9/06/11 6:38 PM, Jay Daley wrote:
> For those of you not on the NZISIG list, the following messages were posted there by Peter Guttmann on the subject of key sizes, which he has agreed I can repost to this list:
>
Ooooooh, I'll see your Guttmann and raise you a Guttmann  (Hi Peter).

Peter's right of course, but he's also fighting an up hill battle here. 
And it's not the first time.
I'll give you an example:

Among the things that Peter is well known for, one of them is the
"Guttmann Method" for wiping hard drives.  You've all heard about it. 
Wiping a drive by overwriting it 35 times with differing patterns etc.

Many of you may have used it.  Many may have recommended it as being the
one true way to wipe disks.

It's become a cult following in IT circles, right the way into
government even.  But how many of you have read the Epilogue to the paper?

"In the time since this paper was published, some people have treated
the 35-pass overwrite technique described in it more as a kind of voodoo
incantation to banish evil spirits than the result of a technical
analysis of drive encoding techniques. As a result, they advocate
applying the voodoo to PRML and EPRML drives even though it will have no
more effect than a simple scrubbing with random data. In fact performing
the full 35-pass overwrite is pointless for any drive since it targets a
blend of scenarios involving all types of (normally-used) encoding
technology, which covers everything back to 30+-year-old MFM methods (if
you don't understand that statement, re-read the paper). If you're using
a drive which uses encoding technology X, you only need to perform the
passes specific to X, and you never need to perform all 35 passes."

Sound familiar?   And no one takes notice of it.  People still swear by
the 35 pass method and say that it's the safest.  I've even had people
refuse to accept disks as wiped if you use anything BUT the Guttmann Method.

They are all wrong, but you just can't beat public perception [1].

I believe that Peter may very well be right about 1280 bits being
enough, but are you really going to be able to convince everyone else to
trust that?

If people look at .com and it uses 2048 and .nz and they use 1280 bit,
are they really going to do all the investigation we just have in order
to assess the true security? 

They certainly don't do the research when they wipe harddrives.

My final word on this is "1280 may well be enough from a security point
of view, but there will be latent trust issues within the .nz target
market if a key less then 2048 is chosen while other domains have
adopted 2048".  NZRS and the DNCL may want to consider this

Regards,
Dean


[1] Unless you have an episode on mythbusters, then people never shut up
about it being "BUSTED" =)