Meyer Wolfsheim <wolf@priori.net> writes:

The only reasons I see for having a security system (be it an encryption product, or a physical access device) with a large discrepancy in the level of security that the individual components provide is either:

[snip reasons a, b and c] I'm sure you've thought of this, but there's also a reason (d): because the most convenient component for a particular application is vastly more secure than you need. When using a cipher as a component, you might as well use a ludicrously strong one like Rijndael or Blowfish, because there's nothing to be gained from using a weaker one. Good locks are more expensive than bad ones, but strong crypto is free. -- __ \/ o\ Employ me! Cryptology, security, Perl, Linux, TCP/IP, and smarts. /\__/ paul@cluefactory.org.uk http://www.cluefactory.org.uk/paul/cv/