I welcome any and all of Bill Stewart's comments on this issue.

I have, since the beginning, noticed a distinct dislike of "security-through-obscurity" among the senior members of this and other similar lists/newsgroups. Many people preach this dislike. Most don't seem to understand its foundations fully; nevertheless, they consider it a closed issue and usually don't bother to explain why.

Obscurity is certainly a help. Attacking an unknown system is very much harder than attacking a known one. And everyone in the business knows that.

However -- in the real world, as opposed to an academic exercise, you cannot keep an algorithm secret forever. Partners will betray you, spies will steal copies, enemies will capture them. Do you trust everyone on cypherpunks? Should you?

If your algorithm is not strong enough to withstand an attack by an enemy who has captured it, you're in trouble. And although you can replace the algorithm, it's a lot harder than changing keys -- good cryptoalgorithms take a *lot* of work, and the details often matter a lot. Besides, your old traffic will then be readable.

Security through obscurity is more than a buzzword. It's a necessity in this business.

--Steve Bellovin
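The distinction the post draws (a scheme whose safety rests on nobody learning the algorithm versus one whose safety rests only on a key that can be rotated) is easy to see in a small toy. The following is an added illustration, not code from the post or from Steve Bellovin; both "schemes" are constructed for teaching only. Scheme A is a hidden byte table with no key, so a single captured copy decrypts all traffic ever sent with it. Scheme B has a fully public algorithm (an HMAC-SHA256 keystream in counter mode, used here purely as a stand-in for a real cipher) and a secret key, so learning the algorithm gives the attacker nothing, and changing the key is one call.

```python
"""Toy contrast: secret-algorithm design vs. public-algorithm, secret-key design.

Added example for illustration; both schemes are constructed for this demo.
Scheme B is a teaching stand-in, not a substitute for a vetted cipher.
"""
import hashlib
import hmac
import os

# --- Scheme A: "security through obscurity". The whole secret is the table. ---
# 167 is coprime with 256, so the affine map is a bijection on bytes.
_SECRET_TABLE = bytes((i * 167 + 29) % 256 for i in range(256))


def obscurity_encrypt(plaintext: bytes) -> bytes:
    """Substitute each byte through the hidden table. No key exists to change."""
    return bytes(_SECRET_TABLE[b] for b in plaintext)


def obscurity_decrypt_with_captured_table(ciphertext: bytes, captured_table: bytes) -> bytes:
    """What an adversary can do once a copy of the 'algorithm' (the table) leaks."""
    inverse = [0] * 256
    for i, v in enumerate(captured_table):
        inverse[v] = i
    return bytes(inverse[b] for b in ciphertext)


# --- Scheme B: algorithm public, key secret (Kerckhoffs's principle). ---
NONCE_LEN = 16


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a toy pseudorandom keystream."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        out += block
        counter += 1
    return bytes(out[:length])


def keyed_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext. The nonce is public; only the key is secret."""
    nonce = os.urandom(NONCE_LEN)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))


def keyed_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:NONCE_LEN], blob[NONCE_LEN:]
    ks = _keystream(key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def demonstrate() -> dict:
    """Run both schemes through the scenario from the post and report what held."""
    old_traffic = b"meet at the usual place at noon"  # constructed sample message

    # Scheme A: the table is captured (the adversary simply has a copy of the code).
    ct_a = obscurity_encrypt(old_traffic)
    captured = bytes(_SECRET_TABLE)
    old_traffic_readable = obscurity_decrypt_with_captured_table(ct_a, captured) == old_traffic

    # Scheme B: adversary knows every line of the algorithm but not the key.
    key1 = os.urandom(32)
    ct_b = keyed_encrypt(key1, old_traffic)
    correct_key_works = keyed_decrypt(key1, ct_b) == old_traffic
    wrong_key_fails = keyed_decrypt(os.urandom(32), ct_b) != old_traffic

    # Rotating the key is one call; nothing about the algorithm has to change.
    key2 = os.urandom(32)
    new_traffic = b"plans changed, see you at one"
    ct_new = keyed_encrypt(key2, new_traffic)
    rotation_isolates_traffic = (
        keyed_decrypt(key2, ct_new) == new_traffic
        and keyed_decrypt(key1, ct_new) != new_traffic
    )

    return {
        "scheme_a_leak_exposes_all_old_traffic": old_traffic_readable,
        "scheme_b_correct_key_works": correct_key_works,
        "scheme_b_public_algorithm_without_key_fails": wrong_key_fails,
        "scheme_b_key_rotation_is_one_call": rotation_isolates_traffic,
    }


if __name__ == "__main__":
    for name, held in demonstrate().items():
        print(f"{name}: {held}")
```

The point of the toy is the asymmetry in recovery cost: after a leak, Scheme A has no remedy short of designing and deploying a new algorithm, and everything already sent is exposed; Scheme B is unaffected by the algorithm being public, and a compromised key is replaced without touching the code. Obscurity of the code can still slow an attacker down, as the post says, but it should be an extra layer over a keyed design, not the layer that carries the security.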