• Status: Solved
• Priority: Medium
• Security: Public
• Views: 1902

# 448 bit encryption means what?

If a file is encrypted with 448 bits encryption (blowfish i beleive it is in the software i am evaluating), what does that mean in reality? it is clearly '192-more-than-256', but what does that mean in a real everyday example?

How long would it take someone with "good knowledge" on the subject to crack it?

I know this is like asking "how long is a piece of string", but try to give me a real life example what it means, or what the difference between 448 and 256 would be...
0
somewhereinafrica
1 Solution

Commented:
Here's all the information you want:  http://www.datadepositbox.com/blowfish.asp
0

Commented:
This might be of some help ....
This topic has been discussed extensively in this thread by the experts.
Have a look...
http://www.experts-exchange.com/Security/Misc/Q_21594850.html
0

Commented:
Here's a short introduction to Blowfish (plus a lot of links with further information) :

http://en.wikipedia.org/wiki/Blowfish_(cipher)

>> but what does that mean in a real everyday example?

Blowfish is a very fast blockcipher. The key size is between 32 and 448 bits, with 448 bits obviously being the strongest encryption. It is considered very good for smaller amounts of data (like e-mails etc.), but becomes less good with very large amounts of data (several GB's) because of the relatively small block size (64 bits) used in the cipher. For most applications, that shouldn't be an issue however.

>> How long would it take someone with "good knowledge" on the subject to crack it?

There is no known way to effectively "attack" blowfish encrypted data, except for the "lower-level" blowfish encryptions (with less than 4 rounds). That leaves brute force, and that takes a VERY long time :) For the 448 bit variant, trying all keys in a brute force attack would require 2^448 iterations - that's a 135 digit value !! There are approximately 43574400 seconds in a year, so you'd need to be able to do 1.7 * 10^127 iterations every second if you want to crack it in one year. It is considered unfeasible for at least the next 100 years.

>> or what the difference between 448 and 256 would be...

Well, 448 gives you extra protection against brute force attacks. That doesn't mean that 256 isn't secure. To use the same analogy as earlier, you'd need to be able to do 2.7 * 10^69 iterations every second if you want to crack it in a year. That is still impossible with today's technology.
0

Author Commented:
Thanks for the extra info Infinity08 :-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.