In message <5.0.0.25.2.20001010154833.03a01b80@ebible.org>, Michael Paul Johnso n writes:
To put this suggestion into perspective, consider that in the real world, pure cipher strength is rarely the weakest link in the security chain, provided th at a reasonable key length and cipher are chosen. Having done that, go for it if you still think you can afford the extra time, space, and key management wi th (probably) no measurable increase in overall system security.
Precisely. What is the *real* threat model? History does indeed show that believed-secure ciphers may not be, and that we do indeed need a safety margin. But history shows even more strongly that there are many better ways to the plaintext, and that's the real goal. --Steve Bellovin