[1737] in cryptography@c2.net mail archive
Re: Crypto in real life
daemon@ATHENA.MIT.EDU (John R Levine)
Fri Oct 10 20:43:39 1997
Date: Thu, 9 Oct 1997 23:56:56 -0400 (EDT)
From: John R Levine <johnl@iecc.com>
To: Rick Smith <smith@securecomputing.com>
cc: cryptography@c2.net
In-Reply-To: <v03007809b063075f87db@[172.17.1.150]>
> John Levine's premise seems to be that crypto products can only be
> deemed trustworthy if the source code is available for review.
I'm sorry if it sounded like that was all I was saying. I don't
believe that the entire world has to examine the code like it has for
PGP, but I would expect that you'd want some sort of review better
than "we've been shipping for six months and nobody's reported any
bugs yet." I would, for example, feel better about a product if I
knew that its code had been by reviewed by some well known crypto
experts.
The particular product under discussion only runs on Windows, doesn't
appear to document its formats other than to say that it uses Blowfish
internally, and advertises that you can ship encrypted documents to
anyone as self-running files where you extract them from your e-mail,
type in the key and they decrypt themselves. I don't purport to be
any sort of crypto expert, but these don't strike me as design choices
that inspire confidence in the soundness of the product.
On the other hand, the company that owns RSADSI has apparently
licensed this software or something like it, so maybe there have been
code reviews that we haven't heard about.
The point I was trying to make was that building and selling crypto
software the same way as you sell other desktop PC software seems
likely to get you crypto software that's as buggy as any other PC
software. But whereas a slightly buggy word processor is nearly as
good as a fully debugged word processor, slightly buggy crypto can be
far worse than no crypto since it gives a false sense of security.
Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
Finger for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4 2D AC 1E 9E A6 36 A3 47
