Re: [PATCH] DES LOOP Supportx

Eamon Hughes. (eh@adv.sbc.sony.co.jp)
Wed, 19 Jun 96 12:35:45 +0100

> On Wed, 19 Jun 1996 Andries.Brouwer@cwi.nl wrote:
>
> > Nicholas J. Leon:
> >
> > <DES patch deleted>
> >
> (clip)
> > On the one hand they are almost unuseably slow, and on the other
> > hand it is asking for trouble.
> >
> > You could put your patch up for ftp someplace, preferably outside the USA.
> > What about adding a reasonably good and reasonably fast encryption?
> >
> > Andries
>
> DES is a fairly recent US government standard correct? The US government

DES was developed back in the late seventies and as such is fairly old.

> has proposed that all encryption methods have back doors so that the
> government can get into them, correct? Would they have designed DES in such
> a way that it is unbreakable, or in such a way that a person who knew how to
> get into it, can do so at will.

DES always was breakable. There was (as far as I know) no back door just raw
computing power. The DES algorithm was a castrated form of the IBM lucifer
algorithm which had better security.

>
> Ergo DES is compromised, and it is only until whoever wants to bad enough
> can buy from the right person(1) or figure out what the method is.

DES is and always has been compromised. It is interesting that the DES standard
only allows it to be used for commercial trafic. It must not be used for
any classified information. Nuff said!

>
> It looks to me like anything powerful enough to be really secure will be
> very slow for full system encryption.. (I am thinking mostly of RSA/MD5
> based things which I admittedly don't know enough about.)

It depends how much you want to keep secret. If your information is time
dependent and keeping it secure for a week etc. will satisfy you then DES
is okay. If it vitally important that no one ever finds out (like where was
the Belgrano) then don't send it. Otherwise you pays your mony and you take
your chances. The longer it takes you to encrypt the data then (normally) the
longer it will take to break it.

>
>
> (1) am I suggesting there may be non-angelic people in the gov't?
> who might even be for sale(2)? .... shame on me.
>
> (2) am I allowed to say this? (looking both ways)
>
> __kmb203@psu.edu_________________________Debian__1.1___Linux__2.0.0___
> Error: this signature should not appear. If you see this signature, ...
>

Eamon Hughes.
Work: eh@adv.sbc.sony.co.jp
Anything said here is my comments and nothing to do with Sony.
Home: eamon@finnmcol.demon.co.uk

-----
"And if it comes to a choice between spending yet another ten million years
finding that out, or just taking the money and running, then I for one could
do with the excercise."
- Frankie mouse, The Hitch Hiker's Guide to the Galaxy

And a big Hi! to all the people out there who are reading this 'cos it has
words like DES, RSA, encrypt et. al. in it.

------- End of Forwarded Message