======== Newsgroups: alt.security.pgp Subject: Re: Can pgp be cracked?? From: falk@peregrine.eng.sun.com (Ed Falk) Date: 9 Jan 1996 21:56:43 GMT In article <4csnqm$2e4@fnord.dfw.net>, David Mclean wrote: >Hello I am running pep.exe on my computer. I have the level set and the >highest. How hard would it be for some one have crack my pgp messages. >Also I have see keys that say greek code. What is the greak code. Is it >like pgp? Thanks for the help! I assume you mean pgp.exe, not "pep.exe". Also "geek code", not "greek code" or "greak code". I don't know what you mean by "I have the level set and the highest", unless you mean that you selected the highest number of bits for the keysize. Anyway, to answer your questions: For casual personal security, you don't need any more than the lowest level of security (512 bits). If you have reason to believe that a major corporation or a very large number of hackers with *enormous* computer resources are trying to decrypt your message, you should go with the 768-bit key. (For reference, the 429-bit key "RSA-129" required 6000 mips-years to break, and the difficulty doubles every few bits.) If you have reason to believe that a major government is trying to decrypt your messages, you should go with the 1024-bit key *and* build a radiation-proof shielded room to use your computer. There are various other security protocols you would have to use as well, some of which are documented in pgpdoc[12].txt and some of which involved big safes and armed guards. If you have reason to believe that space aliens, quantum computers, Operating Thetans or Russian COSMOspheres are trying to decrypt your messages, you should go with 2047-bit keys and seek psychiatric help. If you need your message to *stay* secret for a couple of decades, double the keysize to allow for future technological advances. To answer your second question, "geek code" has nothing to do with pgp or any other kind of encryption. It's just a cute way for geeks to condense their personal profile down to a few lines. For more information, see http://krypton.mankato.msus.edu/~hayden/.codes/geek3.1.html -- -ed falk, sun microsystems falk@sun.com Just because you don't understand it, that doesn't make it art.