Security through obscurity is no security at all. As for PnC (actually, the scCryptoEngine beneath it), we get the 40 bits from the 56 bits by nulling out the high nybble of every other byte. walt ---------- From: Peter Trei[SMTP:trei@process.com] Sent: Monday, December 16, 1996 2:02 AM To: walt@blarg.net; cypherpunks@toad.com Subject: RE: !! Point 'n Crypt -- Win95 Privacy for Everyone !!
From: Walt Armour <walt@blarg.net> To: "'Matthew Ghio'" <ghio@myriad.alias.net> Cc: "cypherpunks@toad.com" <cypherpunks@toad.com> Subject: RE: !! Point 'n Crypt -- Win95 Privacy for Everyone !! Date: Fri, 13 Dec 1996 22:30:23 -0800
There is no arguing that 40 bits is strong security. I agree with that. [...]
Would you mind telling us just how you expand the 40 key to the 56 bits needed for DES? (Security through obscurity has a bad rep on this list). For many methods of doing so, 40bit DES is NOT secure against a motivated individual's attack. Peter Trei trei@process.com