PGP and HMG

Ben Laurie ben at algroup.co.uk
Tue, 08 May 2001 18:34:16 +0100 

I'm not going to bother to try to decipher your replies - switch on
appropriate quoting.

Cheers,

Ben.

Owen Lewis wrote:
> 
> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk
> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Ben Laurie
> Sent: 07 May 2001 19:26
> To: ukcrypto@chiark.greenend.org.uk
> Subject: Re: PGP and HMG
> 
> Owen Lewis wrote:
> >
> > -----Original Message-----
> > From: ukcrypto-admin@chiark.greenend.org.uk
> > [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Werner Koch
> > Sent: 04 May 2001 13:26
> > To: ukcrypto@chiark.greenend.org.uk
> > Subject: Re: PGP and HMG
> >
> > On Fri, 4 May 2001, Ben Laurie wrote:
> >
> > > As well as relying on crypto that is not yet mature!
> >
> > Do you mean AES?
> 
> Yes.
> 
> >  Well the _recipient_ can choose the symmetric
> > algorithm a sender has to choose.
> 
> In PGP? Really? How?
> Well, the general idea would be to introduce a handshaking protocol whereby
> one station is instructed by the other which of several symmetric cipher
> modules to run. Until ACK for the correct module is received no msg will be
> enciphered-sent/accepted-deciphered. While this can be designed to work
> either way around, it is generally simpler (and better?) to allow the
> sending station only to specify the module. Where a cipher text is passes by
> transportation on physical media, it must be the sending station that
> specifies.
> 
> >  Do you think that 3-DES is not
> > matured?
> 
> No.
> 
> >
> >         For over twenty years, it has been generally appreciated that,
> with a 56
> > bit key, DES was vulnerable to a brute force attack (albeit there were few
> > with computational power necessary to exploit the weakness). A 3 DES
> > implementation, the current method of choice for overcoming the 56 bit key
> > limitation to DES security, could have been implemented by any from the
> > publication of DES. Yet it was only when advances in computational power
> > substantially broadened to a commonplace the number of organisations with
> a
> > capability to crack DES enciphered traffic that 3-DES came into use. 3-DES
> > received backing from USG as a means of extending the common usage of DES.
> > Discuss?
> 
> What's to discuss?
> 
> Ah well...
> 
> Owen
> 
> Cheers,
> 
> Ben.
> 
> --
> http://www.apache-ssl.org/ben.html
> 
> "There is no limit to what a man can do or how far he can go if he
> doesn't mind who gets the credit." - Robert Woodruff

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff