Solved

# 448 bit encryption means what?

Posted on 2007-08-01
1,740 Views
If a file is encrypted with 448 bits encryption (blowfish i beleive it is in the software i am evaluating), what does that mean in reality? it is clearly '192-more-than-256', but what does that mean in a real everyday example?

How long would it take someone with "good knowledge" on the subject to crack it?

I know this is like asking "how long is a piece of string", but try to give me a real life example what it means, or what the difference between 448 and 256 would be...
0
Question by:somewhereinafrica

LVL 8

Expert Comment

Here's all the information you want:  http://www.datadepositbox.com/blowfish.asp
0

LVL 3

Accepted Solution

This might be of some help ....
This topic has been discussed extensively in this thread by the experts.
Have a look...
http://www.experts-exchange.com/Security/Misc/Q_21594850.html
0

LVL 53

Expert Comment

Here's a short introduction to Blowfish (plus a lot of links with further information) :

http://en.wikipedia.org/wiki/Blowfish_(cipher)

>> but what does that mean in a real everyday example?

Blowfish is a very fast blockcipher. The key size is between 32 and 448 bits, with 448 bits obviously being the strongest encryption. It is considered very good for smaller amounts of data (like e-mails etc.), but becomes less good with very large amounts of data (several GB's) because of the relatively small block size (64 bits) used in the cipher. For most applications, that shouldn't be an issue however.

>> How long would it take someone with "good knowledge" on the subject to crack it?

There is no known way to effectively "attack" blowfish encrypted data, except for the "lower-level" blowfish encryptions (with less than 4 rounds). That leaves brute force, and that takes a VERY long time :) For the 448 bit variant, trying all keys in a brute force attack would require 2^448 iterations - that's a 135 digit value !! There are approximately 43574400 seconds in a year, so you'd need to be able to do 1.7 * 10^127 iterations every second if you want to crack it in one year. It is considered unfeasible for at least the next 100 years.

>> or what the difference between 448 and 256 would be...

Well, 448 gives you extra protection against brute force attacks. That doesn't mean that 256 isn't secure. To use the same analogy as earlier, you'd need to be able to do 2.7 * 10^69 iterations every second if you want to crack it in a year. That is still impossible with today's technology.
0

Author Comment

Thanks for the extra info Infinity08 :-)
0

## Featured Post

### Suggested Solutions

Suppose you are a shopaholic and you shop online frequently from a website. That means that is obvious that you would have been registered yourself on that website. Now, once in a while that website that you always buy from becomes a victim of phish…
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…