[4200] in cryptography@c2.net mail archive
Provable security & questionable reporting
daemon@ATHENA.MIT.EDU (P. J. Ponder)
Sat Feb 13 12:52:08 1999
Date: Fri, 12 Feb 1999 22:22:21 -0500 (EST)
From: "P. J. Ponder" <ponder@freenet.tlh.fl.us>
To: cryptography@c2.net
A rather sketchy and somewhat misleading article:
http://www.mercurycenter.com/svtech/news/breaking/merc/docs/084300.htm
<quote>
Posted at 7:30 a.m. PST Friday, February 12, 1999
New encryption code could remain a secret
BY MICHAEL BROOKS
The Guardian
If you have an uneasy feeling about the security of Internet
commerce, you have probably reassured yourself that the
high-tech security programs which safeguard your privacy are
written by the world's best cryptographers. Think again.
Victor Shoup, a cryptography researcher at IBM's Zurich
laboratory, has come up with a world first: a practical encryption
technique that has provable security. You might be surprised to
learn that it may never make it onto the market.
Unfortunately for the public, quality and security are near the
bottom of the priority list when it comes to turning a scheme into a
product. The spoils go to the fastest.
``If you're first, you win, and it doesn't really matter if the product
is crap,'' Shoup explains. ``A lot of what's out there is not the best
that could be done, even without sacrificing any practicality.''
The upshot is that cryptographers have minimal say in the
development of new products.
<. . . .>
</quote>
There is a related story, dated August 24, 1998, at:
http://www.zurich.ibm.com/News/CRYPTO/
