From: Walt Armour <walt@blarg.net> To: "'Matthew Ghio'" <ghio@myriad.alias.net> Cc: "cypherpunks@toad.com" <cypherpunks@toad.com> Subject: RE: !! Point 'n Crypt -- Win95 Privacy for Everyone !! Date: Fri, 13 Dec 1996 22:30:23 -0800

There is no arguing that 40 bits is strong security. I agree with that. [...] As for security, the current release of PnC is primarily targetting privacy, not security. They are two very similar but different approaches. 40 bits is sufficient to encrypt files and keep them away from friends, family and coworkers (unless you work at the NSA). The point of Point 'n Crypt is to attempt to make encryption technology easily useable and widespread. If anything you have is of such a nature that 40 bits isn't enough protection then by all means don't use PnC (at least not this version :). [...] later, walt

Would you mind telling us just how you expand the 40 key to the 56 bits needed for DES? (Security through obscurity has a bad rep on this list). For many methods of doing so, 40bit DES is NOT secure against a motivated individual's attack. Peter Trei trei@process.com