* Reply to msg originally in Cypherpunks <INET> marc@Athena.MIT.EDU (Marc Horowitz) writes: BK> I also believe that nobody's security is perfect, and that if BK> something as big as DES was broken, even at the NSA, we would have BK> heard about it. If the world banking industry trusts DES for their BK> trillions of dollars a day, I'm willing to trust it for my little, BK> insignificant messages. I'm surprised that you haven't had 53 replies to this already, but in that you haven't I suppose I ought not let this go by unchallenged. In a _MicroTimes_ article by Jim Warren of the EFF, the unreliability of DES was discussed at length. In a nutshell, Marty Hellman of Stanford broke the "unbreakable" 54-bit DES _prior to its adoption as a standard_. He promoted the idea of a 64-bit DES instead, but was _opposed by the NSA_ for reasons we can all speculate upon at length. This opposition is the basis of the rumors (?) of DES being backdoored by the NSA. The upshot was that DES was adopted _after_ being demonstrably compromised. The postscript to this is that Hellman's proposed "unbreakable" 64-bit DES variant was later cracked as well. The post-postscript is an apocryphal story I personally got from an Israeli communications tech and minor spook. He claimed that DES was broken by the cryptanalytic arm of Israeli intelligence _in two hours_. It is relatively certain that a DES-encrypted cyphertext can be easily decrypted by well-equipped agencies. Whether decryption is now trivially accomplished by private parties is another question. JN ... "He isn't my president & these aren't my people." --- Blue Wave/Opus v2.12 [NR] -- John Nieder - via FidoNet node 1:125/555 UUCP - ...!uunet!hoptoad!kumr!fidogate!33!John.Nieder INTERNET - John.Nieder@f33.n125.z1.FIDONET.ORG