(4) About DES. The data encryption standard is, no doubt in my mind, quite cracked by NSA. If it is not completely cracked it is at least very easy to get into by these boys. I have found that there is too much evidence that NSA has gotten in to DES pretty well. For starters (not a proof by the way) the cryptographers who work for NSA spend most of their time breaking encryption and its pretty mind boggling to think that no short cuts have been found to DES by a bunch of dedicated cyptographers. Damn if that was my job and my field of knowledge i am sure i would have at least a little short cut of some sort.
I've heard this argument before. The NSA has a whole lot of people doing crypto, but (again, with no proof) I can't imagine that they have whole armies of people dedicated to breaking DES. The fact is, there are a lot of very good cryptomathemeticians in academia, who do publish their results. Shamir is an excellent example of this. The fact is, the best known attack requires 2^37 *chosen* plaintexts, more if the plaintexts must be ASCII. I also believe that nobody's security is perfect, and that if something as big as DES was broken, even at the NSA, we would have heard about it. If the world banking industry trusts DES for their trillions of dollars a day, I'm willing to trust it for my little, insignificant messages. Marc