PGP and HMG
Ben Laurie
ben at algroup.co.uk
Mon, 07 May 2001 19:26:28 +0100
Owen Lewis wrote:
>
> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk
> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Werner Koch
> Sent: 04 May 2001 13:26
> To: ukcrypto@chiark.greenend.org.uk
> Subject: Re: PGP and HMG
>
> On Fri, 4 May 2001, Ben Laurie wrote:
>
> > As well as relying on crypto that is not yet mature!
>
> Do you mean AES?
Yes.
> Well the _recipient_ can choose the symmetric
> algorithm a sender has to choose.
In PGP? Really? How?
> Do you think that 3-DES is not
> matured?
No.
>
> For over twenty years, it has been generally appreciated that, with a 56
> bit key, DES was vulnerable to a brute force attack (albeit there were few
> with computational power necessary to exploit the weakness). A 3 DES
> implementation, the current method of choice for overcoming the 56 bit key
> limitation to DES security, could have been implemented by any from the
> publication of DES. Yet it was only when advances in computational power
> substantially broadened to a commonplace the number of organisations with a
> capability to crack DES enciphered traffic that 3-DES came into use. 3-DES
> received backing from USG as a means of extending the common usage of DES.
> Discuss?
What's to discuss?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff