Yeah, you need large key sizes- 128 bits keys just aren't enough (they allow birthday attacks to be computationally feasible). But I note that all the AES finalists went to 256 bit key sizes. This would put a birthday attack at about 128 bits of complexity- sufficient. Anything less than about 160 bits of key space is a bad idea.
Generally, the bit sizes work out, for obvious reasons.
Well i know nothing about that "birthday attacks".
My point simply was that there has to be a one to one mapping if you use md5 the way telnet/pam uses it for example else 2 people with different passwds could end up.
deeend -A
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
