At 07:44 PM 8/26/96 EDT, JOHN E. HOLT wrote:

The Pouch uses a 64 x 64 block product cipher, a 1024 bit random initialization vector and the CBC technique. Most experts agree that such an implementation >is highly resistant to all forms of cryptographic attack.

That depends highly on the cypher. Also depends on if your "initialization vector" is truly random. (Or even close, as some other companies have found in the past...) It is resistant to all attacks that you know of. Depending on the nature of the algorythm, this could be true in some sense, false in some sense and meaningless in some sense. Without published code, it is meaningless in all senses.

Hellman and Dilfie rely on knowing the algorithm for their known plain text attacks An unpublished algorithm forces them into reverse engineering the computer programs to learn the algorithm. The POUCH has many roadblocks built in to prevent this.

I refer to Cummings, Cryptography and Data Security pages 150 and 98 in

As someone who has spent time reverse engeneering code, I find this one pretty funny. The only thing I have found that will obscure code in any real fashion is writing it badly. "Roadblocks" to reverse engeneering also tend to be a speed hit. Either way, it will not stop someone with the proper skills and tools. this >regard. Do we have to read them in reverse order or is that part of the roadblock you are using to make things more difficult...? I will be interested to see just what kind of liability problems you run into when this thing gets compromised. Of course, with a name like "The Pouch", you will probibly just claim it was a "kangaroo court". --- | "Remember: You can't have BSDM without BSD. - alan@ctrl-alt-del.com "| |"The moral PGP Diffie taught Zimmermann unites all| Disclaimer: | | mankind free in one-key-steganography-privacy!" | Ignore the man | |`finger -l alano@teleport.com` for PGP 2.6.2 key | behind the keyboard.| | http://www.teleport.com/~alano/ | alano@teleport.com |