Just to put the numbers into useful terms: Assume you have one bad-ass computer. Assume it will do a trillion (1,000,000,000,000) keys/second (nice). Assume you have to search 50% of the keyspace on average 80 bit key = on average 38,308 YEARS to break. So you upgrade your computer, let's say it now does a trillion trillion keys/second (24 zeros). Assume you have to search 50% of the keyspace on average 80 bit key = on average 1.2 second. EXCELLENT 90 bit key = on average 20.6 minutes. not bad. so people upgade to 90 bit keys. 112 bit key = 164 years. 160 bit key = 46,343,912,903,694,283 years. 1024 = 5700447535712569468953910422339626882350256782541560669502475937269554661513 8560100427599353883668195433826065408229755726404670476413185721983584043465 9197037569423594829671728507799344387665269701556798848952843855120124119935 5703764368040995282761394929943067804992387977103 years As you can unless NP=P, or barring some breakthrough in quantum computing key lengths should stay well ahead of brute force key factoring for some time. Nurt Seifried, kurt@seifried.org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://www.seifried.org/security/