RE: A sad day for encryption...

Mark G. Scheuern (mgscheue@Oakland.edu)
Tue, 24 Jun 1997 06:17:25 -0400 (EDT)


On Mon, 23 Jun 1997, Adam Haberlach wrote:

> Anyone can correct me if I'm wrong, but I believe that private
> keys get encrypted using DES with the key being the MD5 hash of
> the personal keyphrase. We've proved that DES is somewhat weak
> to this kind of attack (remind me to change my passphrase next
> week).

PGP uses IDEA for its conventional encryption, with a 128 bit key.

Mark