448 bit encryption means what?

Posted on 2007-08-01
Medium Priority
Last Modified: 2008-01-09
If a file is encrypted with 448 bits encryption (blowfish i beleive it is in the software i am evaluating), what does that mean in reality? it is clearly '192-more-than-256', but what does that mean in a real everyday example?

How long would it take someone with "good knowledge" on the subject to crack it?

I know this is like asking "how long is a piece of string", but try to give me a real life example what it means, or what the difference between 448 and 256 would be...
Question by:somewhereinafrica

Expert Comment

ID: 19611278
Here's all the information you want:  http://www.datadepositbox.com/blowfish.asp

Accepted Solution

cipher007 earned 2000 total points
ID: 19611392
This might be of some help ....
This topic has been discussed extensively in this thread by the experts.
Have a look...
LVL 53

Expert Comment

ID: 19611758
Here's a short introduction to Blowfish (plus a lot of links with further information) :


>> but what does that mean in a real everyday example?

Blowfish is a very fast blockcipher. The key size is between 32 and 448 bits, with 448 bits obviously being the strongest encryption. It is considered very good for smaller amounts of data (like e-mails etc.), but becomes less good with very large amounts of data (several GB's) because of the relatively small block size (64 bits) used in the cipher. For most applications, that shouldn't be an issue however.

>> How long would it take someone with "good knowledge" on the subject to crack it?

There is no known way to effectively "attack" blowfish encrypted data, except for the "lower-level" blowfish encryptions (with less than 4 rounds). That leaves brute force, and that takes a VERY long time :) For the 448 bit variant, trying all keys in a brute force attack would require 2^448 iterations - that's a 135 digit value !! There are approximately 43574400 seconds in a year, so you'd need to be able to do 1.7 * 10^127 iterations every second if you want to crack it in one year. It is considered unfeasible for at least the next 100 years.

>> or what the difference between 448 and 256 would be...

Well, 448 gives you extra protection against brute force attacks. That doesn't mean that 256 isn't secure. To use the same analogy as earlier, you'd need to be able to do 2.7 * 10^69 iterations every second if you want to crack it in a year. That is still impossible with today's technology.

Author Comment

ID: 19611794
Thanks for the extra info Infinity08 :-)

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month13 days, 23 hours left to enroll

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question