40-bit encryption

From Wikipedia, the free encyclopedia
Jump to: navigation, search

40-bit encryption refers to a key size of forty bits, or five bytes, for symmetric encryption; this represents a relatively low level of security. A forty bit length corresponds to a total of 240 possible keys. Although this is a large number in human terms (about a trillion, nearly two hundred times the world's human population), it is possible to break this degree of encryption using a very limited amount of computing power (as of 2015, of any modern personal computer)[1] in a brute-force attack, i.e., trying out each possible key in turn.


A typical home computer in 2004 could brute-force a 40-bit key in a little under two weeks, testing a million keys per second; modern computers are able to achieve this much faster. Using free time on a large corporate network or a botnet would reduce the time in proportion to the number of computers available.[2] With dedicated hardware, a 40-bit key can be broken in seconds. The Electronic Frontier Foundation's Deep Crack, built by a group of enthusiasts for US$250,000 in 1998, could break a 56-bit Data Encryption Standard (DES) key in days,[3] and would be able to break 40-bit DES encryption in about two seconds.[4]

40-bit encryption was common in software released before 1999, especially those based on the RC2 and RC4 algorithms,[citation needed] when algorithms with larger key lengths could not legally be exported from the United States without a case-by-case license. "In the early 1990s ... As a general policy, the State Department allowed exports of commercial encryption with 40-bit keys, although some software with DES could be exported to U.S.-controlled subsidiaries and financial institutions."[5][6] As a result, the "international" versions of web browsers were designed to have an effective key size of 40 bits when using Secure Sockets Layer to protect e-commerce. Similar limitations were imposed on other software packages, including early versions of Wired Equivalent Privacy. In 1992, IBM designed the CDMF algorithm to reduce the strength of 56-bit DES against brute force attack to 40 bits, in order to create exportable DES implementations.


All 40-bit and 56-bit encryption algorithms are obsolete, because they are vulnerable to brute force attacks, and therefore cannot be regarded as secure. As a result, virtually all Web browsers now use 128-bit keys, which are considered strong. Most Web servers will not communicate with a client unless it has 128-bit encryption capability installed on it.

Public/private key pairs used in asymmetric encryption (public key cryptography) must be much longer than 128 bits for security; see key size for more details.

As a general rule, modern symmetric encryption algorithms such as AES use key lengths of 128, 192 and 256 bits.

See also[edit]


  1. ^ As of 2015, a 40-bit keyspace can be exhaustively searched in under a minute using a COTS PC of moderate specification: in 1998, the EFF's Deep Crack could test 5x1010 (56-bit, 16 orders of magnitude larger keyspace than 40-bit) DES keys per second, leading to a brute-force key recovery in 56 hours. See http://pnylab.com/pny/papers/sk/sk/index.html
  2. ^ Schneier 1996, p. 154.
  3. ^ EFF-1998.
  4. ^ Schneier 1996, p. 153.
  5. ^ Grimmett 2001.
  6. ^ Schneier 1996, p. 615.