Home page logo

basics logo Security Basics mailing list archives

Re: What is the meaning of BIT in Encryption
From: JGrimshaw () ASAP com
Date: Fri, 21 Nov 2003 08:47:45 -0600

Here is an example, I am being generalistic.  Please note that I do not 
claim to be an expert.

Let's pretend you have a typical DES encryption.  56 Bits.  Yes, there are 
8 bits in a byte, but we are not talking about data like in this email, 
we're talking about the possible number of key combinations that fit 
within the key  space.  The key space is 56 bits-- from all zeros to all 
ones, 56 of them in a row.  On and Off.  It's 2 to the 56th power amount 
of combinations, as only zeros and ones apply.  2 to the 56 power might 
better be written as 7.2 x 10 to the 16th power.  It's a large number of 

Let's also pretend that you're attempting to crack this.  You have a 
computer that can manage 1 key per millisecond.  The average time of a 
complete exhaustive key search on a 2 to the 55th power is about 1142 
years.  If you had a computer that could crack 10 to the 6th power of keys 
per millisecond, it'd take you less than 10 hours.

The bits entirely relate to the amount of keys in the key space, and thus 
(it is assumed), a greater difficulty in cracking the keys.   I have often 
heard of the strength of a typical encryption method as relating to how 
long it takes to reach the center of the key space.  Worst case is an 
exhaustive search through all keys, with the very last key combination 
happening to be the correct one.  You may see that in marketing.

40 bits is weak compared to 56 bits, as the higher you go in bits, the 
more difficult it is to crack on an expotential scale.  Doubling the bits, 
or even making partial increases in key space size (or, the number of 
bits) makes things much difficult.  Much more so than "twice as hard"

If that doesn't make sense, then try this simple experiment.  draw four 
dashes, and then repeat how many combinations of 0s and  1s you can make. 
How many combinations do you have, including no ones and all ones?

You have 16 combinations from this four bit key space, 2 to the 4th power.

- - - -

Now fill out eight dashes--twice as many.

- - - - - - - -
I would be here all day, until I reached 256 different combinations.  All 
from just an 8 bit key space of 2 to the 8th power.

Just by doubling the key space, I went from 16 keys to 256 keys.  That's 
not doubling--thats an expotential increase.   If this still does not make 
sense, then do the math:

2 to the 4th power is 2 x 2 x 2 x 2 = 16

2 to the 8th power is 2 x 2 x 2 x 2 x 2 x 2 x 2 x 2 = 256

If you really wanted to just double the strength, then (in the case of the 
4 bit) you simply add another bit, to 2 to the 5th power : 2 x 2 x 2 x 2 x 
2 = 32.  You just doubled your combinations by adding just one bit!

So:  The more bits, the more secure it is assumed to be.


"Cheetah" <cheetahx () online no> 
11/20/2003 03:35 PM

"Anders Reed-Mohn" <anders_rm () utepils com>, "Mr Babak Memari" 
<memari () mail15 com>, <security-basics () securityfocus com>

Re: What is the meaning of BIT in Encryption

What is the meaning of BIT in Encryption ?

hmm.. unless that is some acronym I never heard before,
a bit in encryption is just a bit..  as in "eight bits make a byte".

No, what he is thinking of is things like 48-bit encryption, 128-bit
encryption, etc.
Personaly I'm wondering about this myself. The more bits the stronger the
encryption, but that's
as far as my understanding goes.

How is asymmetric encrytion work? Is there a simple ducument to
describe this kind of encryption?

There a probably a million.
Try this:  go to www.howstuffworks.com and use the search function
to search for:    public key cryptography

That will give you quite a lot to start with.





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]