[3702] in cryptography@c2.net mail archive
Re: Wassenaar vs. CipherSaber
daemon@ATHENA.MIT.EDU (Steve Bellovin)
Fri Dec 4 19:24:49 1998
To: jim@acm.org
cc: cryptography@c2.net
Date: Fri, 04 Dec 1998 18:09:45 -0500
From: Steve Bellovin <smb@research.att.com>
In message <36684E29.A444B14D@acm.org>, Jim Gillogly writes:
> "Arnold G. Reinhold" <reinhold@world.std.com> writes:
> > ... descriptions on the CipherSaber web site http://ciphersaber.gurus.com .
> ..
>
> > Any comments, suggestions, endorsements and publicity are welcome.
>
> I'll endorse it -- the pages give a good overview of the problem and solution
> ,
> and it is indeed easy to implement and test: one interested novice programmer
> with little crypto background was able to crank out a version (I think he
> used VB) in under a day that interoperated with mine. I've plugged it here
> and there, including in my "President's Column" for the American Cryptogram
> Association during my tenure (which ended this year).
>
> It's a nice idea, since it's still legal in most countries to write and
> run your own code and to exchange encrypted information, even if you're
> not allowed to export the code.
I'm glad the site is up, but for many purposes it solves the wrong problem.
Encryption algorithms are easy to write, or even to type in or scan from
printed programs. But what's interesting is easy-to-use crypto, or
crypto that can interoperate. Remember that most of PGP is *not*
crypto algorithms.
