Re: Mac encryption
What is everyones opinion of the best encryption software forthe Mac? Frederic Halper fhalper@pilot.njin.net
MacPGP, available by anonymous ftp from the soda.berkeley.edu site, is the only one I know of using public key methods, and hence the only one of real interest to Cypherpunks.
I find this to be a strange statement. Do we have no interest in non-public key methods? Seems the Cypherpunks should have an interest in all forms of crypto. Most users don't currently use public key becuase they just want to keep thier boss from sitting down at thier computer and reading the resumes they wrote for other companies. This can be accomplished with symetrical crypto just as well, if not faster than PGP.
Commerical products (like the various "Kent Marsh" products) are mostly DES-or-weaker and are oriented toward local file protection. (MacPGP will do that, too, of course).
Cryptomatic does come with Triple DES which is still a very strong method. Unfortunatly MacPGP's biggest draw back is that its interface is poor and it is hard to use. There is also MacRIPEM which is written by Raymond Lau, author of Stuffit, and is much easier to use, but weaker than PGP (but legal).
About six or seven years ago I bought "Sentinel," from SuperMac, and used it a few times. The problems were obvious: lack of other users (so my friends couldn't receive or send), and the symmetric cipher nature (we had to share keys for a message). Public key systems based on PGP have solved both problems (though problems of convenience remain).
Can't stop without mentioning that my company make a product called Citadel which does DES encryption. ___________________________________________________________________________ "I want to know God's thoughts...the rest are details." -- Albert Einstein _________________________________________ Ron Davis rondavis@datawatch.com Datawatch, Research Triangle Park, NC (919)549-0711
Ron Davis writes: (quoting me)
MacPGP, available by anonymous ftp from the soda.berkeley.edu site, is the only one I know of using public key methods, and hence the only one of real interest to Cypherpunks.
I find this to be a strange statement. Do we have no interest in non-public key methods? Seems the Cypherpunks should have an interest in all forms of crypto. Most users don't currently use public key becuase they just want to keep thier boss from sitting down at thier computer and reading the resumes they wrote for other companies. This can be accomplished with symetrical crypto just as well, if not faster than PGP.
The problem with symmetrical ciphers is one of *scaling*. Since a key must be exchanged with each other person, the total number of keys growns rapidly as the community of participants increases. At any stage, the key may be lost, stolen, observed, shared with the Feds, etc. A community of 700 participants, as here on Cypherpunks, would mean each person would have to generate, exchange (securely!), and store 700 specific keys for use just with others. This is the famed "key distribution problem." With public key methods, this problem is largely solved. Each person can generate his or her own key, publish the public key part of it, and be done with it. More than just for secure 2-way communications, this opens the door for all the other applications Cypherpunks are so interested in. Symmetric ciphers likek DES or IDEA just don't offer that richness. (Symmetric ciphers are of course often embedded in public key protocols, as with using RSA to protect DES session keys. In this case, the cumbersome problems of key distribution are avoided, and the speed advantages of symmetric ciphers are obtained.) I haven't said Cypherpunks should avoid symmetric ciphers, just that they produce little of the revolution in communication and commerce that interests us so much. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."
tcmay: # The problem with symmetrical ciphers is one of *scaling*. # # Since a key must be exchanged with each other person, the total number # of keys growns rapidly as the community of participants increases. At Russell Brand has observed that many people only send PGP mail to people with whom they have personally exchanged keys -- that even the "web of trust" idea is not used as much as the "personal key exchange" idea. In this case, a single symmetric key exchange transaction between two friends is is no more cumbersome than the PGP "i'll sign you mine if you'll sign me yours". I have thought seriously about a revival of symmetric key exchange, with the look and feel of a PGP key signing session, but without the transitive effect and without the legal hassles. <strick>
tcmay: # The problem with symmetrical ciphers is one of *scaling*. # # Since a key must be exchanged with each other person, the total number # of keys growns rapidly as the community of participants increases. At
Russell Brand has observed that many people only send PGP mail to people with whom they have personally exchanged keys -- that even the "web of trust" idea is not used as much as the "personal key exchange" idea. I think Strick is missing the incredible implications of public keys:
1. Most people who send me PGP-encrypted messages get my public key off the key servers, not from me. I generated this key once, for a Cypherpunks keyring hoopla circa November 1992, and that was that. Very painless. Just like the "phone directory" of public keys the pioneers of public key promised. 2. With symmetric ciphers, each person has to keep track of the keys used with _each_ communicant. Instead of, say, 100 people having a total of 100 public keys and 100 private keys, for a total of 200 keys, each person would have to keep track of *99 keys*, for a total of 9,900 keys! In my book, 200 keys total beats 9,900 keys any day. And the difference grows rapidly with the number of likely communicants. (That one does not communicate with all of them is beside the point: one wants the _potential_ to communicate securely and hence one will need to arrange keys in advance. In reality, of course, you won't have arranged these keys or one-time pads or whatever in advance, and so secure communication will be impossible....this was the situation until recently for all but the military and the like.) More to the point, I have only one public-private key pair, and that's all I want to have keep track of. Storing 20 or 50 or 200 keys securely and being able to retrieve them securely and reliably is not a welcome alternative. 3. And don't forget security issues during key exchange! With conventional, symmetric ciphers, the keys must be exchanged by a secure channel. Anyone who sees or hears the key can read all traffic. Public key exchanges are less susceptable to eavesdropping breaches in security. (Technically, with p-k key exchanges, the key exchange channel still needs to be secure, but with some practical differences: at not point is the private key of either party shown or produced. There are some spoofing attacks--cf. Schneier--but these are easy to deal with and don't offer the same dangers of the keys being intercepted.) To make this point more succinct: In the pre-p-k days, trusted couriers carried the key material. And carried it to the many pairwise sites needed (see Point #1). With public key methods, this was ended. Diffie-Hellman even allows key exchange to take place between parites who've never met. A revolution.
I have thought seriously about a revival of symmetric key exchange, with the look and feel of a PGP key signing session, but without the transitive effect and without the legal hassles.
<strick>
Well, good luck then. But I don't plan to participate. I have no desire to carry around a floppy containing the symmetric keys of 100 or more Cypherpunks and others--not when I can look up their public key in a keyserver, finger them for it, or just ask for it to be sent to me over normal channels. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."
participants (3)
-
Ron Davis -
strick -- strick AT versant DOT com -- henry strickland -
tcmay@netcom.com