[3064] in cryptography@c2.net mail archive
Re: practical encryption
daemon@ATHENA.MIT.EDU (Rick Smith)
Fri Jul 24 10:42:33 1998
Date: Thu, 23 Jul 1998 15:55:45 -0500
To: nelson@media.mit.edu (Nelson Minar), cryptography@c2.net
From: Rick Smith <rick_smith@securecomputing.com>
In-Reply-To: <199807231343.JAA12394@pinotnoir.media.mit.edu>
At 09:43 AM 7/23/98 -0400, Nelson Minar wrote:
> ....... We should
>design the protocols to be strong, yes. We should raise hell about 40
>bit limits, and develop the crypto in a free country so everyone has
>access to the strong system. But we can't lose sight of the more
>fundamental message, that we need the cryptography.
>
>Or is this horribly naive?
Hear, hear. I fully agree, but then I'm playing the devil's advocate.
We've got to get away from the moral extremism about "good" crypto versus
"bad" crypto. People untrained in the subject (i.e. the overwhelming
majority of the world) will only get the message that "bad" crypto exists
and they'll never have confidence in their ability to identify "good" crypto.
All crypto is intrinsically "good" and it's just a matter of deciding when
it's best used and how much of an attack it can withstand. ROT13 withstands
casual examination though people can learn to translate it by sight. DES
can protect individual credit card numbers in some jurisdictions (see my
other message). And so on. Effectiveness against attack is always a
temporary thing -- next week another attack may render today's defenses
less reliable. Choosing a good algorithm is no defense (though it's a
sensible starting point) since a bad implementation can render it
vulnerable. Look at PKCS #1.
Rick.
smith@securecomputing.com
