Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:42 ADT
C Matthew Curtin (cmcurtin@interhack.net)
Mon, 20 Jul 1998 23:30:17 -0400 (EDT)
>>>>> "Bob" == Robert Hettinga <rah@shipwright.com> writes:
Bob> So, once again, I repeat: as of last week, DES *is* snakeoil, no
Bob> matter its venerable pedigree. (See my .sig, below, to see what I
Bob> think about venerable ideas.)
"Snake Oil" typically refers to a worthless product.
DES is not snake oil. It has withstood more than 20 years of
cryptanalysis, with no significant discoveries of design flaws. We've
all learned some stuff from studying DES.
The problem with DES isn't that it's "snake oil", it's that its key
length, at 56 bits, is too small for protecting nontrivial data. The
basic design of DES is still useful, and as you observed, variations
like triple-DES deal with the small-key problem relatively well.
Please stop saying that DES is snake oil, and posting "DES is DED"
messages to CodherPlunks (and cryptography). DES is not snake oil, and
you're only preaching to the choir here... Such messages accomplish
nothing.
Tell the papers. Tell the magazines. Tell the financial industry.
Nearly everyone _but_ the readers of CodherPlunks needs to be told that
small-key cryptosystems are inadequate for security, regardless of the
quality of its design.
-- Matt Curtin cmcurtin@interhack.net http://www.interhack.net/people/cmcurtin/
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:42 ADT