Subject: Re: 1024 bit key considered insecure (sshd)
To: Michael W Mitton <mmitton@hmcon.com>
From: Perry E. Metzger <perry@piermont.com>
List: tech-security
Date: 08/30/2002 14:35:29

Michael W Mitton <mmitton@hmcon.com> writes:
> My data may not be worth a billion dollars, but I can be fairly certain
> that I am part of a group ( a rather _large_ group ) whose combined
> information is worth that.

The combination is not of much importance because the combination
doesn't share a single key. A machine can only crack so many keys per
unit time. If you build a device that costs you a billion dollars and
can only crack one key every six months, you are going to be very
careful about which key you choose to crack because each key costs you
hundreds of millions in amortized cost to crack.

> Besides, I'm sure the federal government ( any federal government )
> wouldn't blink an eye at 1 billion dollars if they could read everyone's
> email.  ;)

Again, at best this offers you the THEORETICAL possibility of reading
any particular individual's mail. You still have to spend huge
resources on cracking that one key, assuming that this is even
possible. (The jury is still out on that.) There is a distinction
between saying that one can crack ANYONE'S key and saying you can
crack EVERYONE'S key. One implies being able to break a few if you
really really want to, the other implies being able to break all
cheaply and quickly.

I would like to repeat that using longer key lengths is not
necessarily stupid -- just not something to be contemplated as an
imminent emergency. Certainly the jury is still out on just how
practical factoring 1024 bit numbers is using the latest algorithms
and hardware acceleration.


-- 
Perry E. Metzger		perry@piermont.com
--
"Ask not what your country can force other people to do for you..."