At 8:13 PM 1/30/96 -0500, Futplex wrote:
Bill Frantz writes:
One other small advantage I can see to using Lotus's crippled encryption. It disguises the fact that a message is actually (double) encrypted with PGP. Attackers have to break the 40 bits before they see the PGP encrypted data.
I don't understand. Are you saying that there's a special benefit to doing superencryption (GAK encryption over non-GAK encryption) when the GAK layer is Lotus Notes ?
Tim May had it exactly right in his post entitled "Silver Linings and Monkey Wrenches" (thanks Tim). The only thing I can add is that forcing them to attack a 40 bit key is better than giving them the whole key thru some LEAF scheme ala Clipper. As long as you can cut and paste, PGP (at least the Mac version) is hard to lock out and minimally usable. Bill
Tim May had it exactly right in his post entitled "Silver Linings and Monkey Wrenches" (thanks Tim). The only thing I can add is that forcing them to attack a 40 bit key is better than giving them the whole key thru some LEAF scheme ala Clipper.
Your point may be valid, but who is attacking a 40 bit key? Is cracking 40 out of 64 bits of a 64-bit RC4 key as hard as cracking a 40 bit key, or does knowing a significant portion of the key make the search considerably easier than brute force? I've never heard anyone make an assertion either way, except that some people seem to assume a the difficulties are the same. Thanks, David
participants (2)
-
David Mazieres -
frantz@netcom.com