[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tough Choices: PGP vs. RSA Data Security



Sy Verpunc writes:
 > : .........Brief conversation with Jim Bidzos
 > : at the cypunx mtg indicated that he is very much up for something along the
 > : lines of a personal encryption product that would meet our needs.

Well, this is yet to be seen.

 > All he has to do is let us pay a licence fee for pgp.  What's the advantage
 > to him in asking for a different piece of code that uses RSAREF and DES
 > instead of Phil's code and IDEA?

Practically none, especially since RIPEM is already running, and
is as free as PGP. Of course, single DES is somewhat less
resistant to brute force, thus triple DES would be more
appropriate...

 > I can't see it, except that using DES blows away the security
 > of the program...

Oh, come on now. It looks like every fool in the world
believes now he can crack DES... Let me enlighten you:
even IF one gets a DES engine fast enough and can put
lots of those in parallel - that one still needs lots
of ahrdware/software. Which isn't very feasible today.

 > No, I think this suggestion should be put down now, or we'll splinter and
 > give them exactly the divide-and-conquer opening they're looking for.

Agreed.

Regards,
Uri.
------------
<Disclaimer>