3DES weak because DES falls to brute-force? (was Re: John Gilmore...)

[Bryan Waters]

>I don't find it useful to worry about possible new general cryptanalytic
>breakthroughs: it is basically impossible to defend against them. In
>the face of an attacker who has infinite secret cryptanalytic ability 
>(within the bounds of what can be done brute-force wise) only an OTP
>would be useful, but we are talking long-term archival here.. I don't
>see how an OTP helps us. If we have a secure vault to lock the pads up
>in until either a) the heat death of the universe, or b) the Big Crunch
>then we may as well just put the plaintext in there and be done with
>it. As I see it, OTP are only workable in communications, and then
>obviously in a limited manner.
>

Are we talking long-term archival?  I'm more concerned about someone
grabbing communications in transit, storing them and throwing chips and
mathematicians at it.

If the government comes with the search warrant, then I should have already
deleted the file if I didn't want it available.  If someone wants to face
security guards or a gun by my bedside they can steal the archive.  It's
the same rules as always. (except the theif must also have the math and
chips).

In the case of archive you have the protection of physical security and in
most cases the knowledge of when it has been breached -- It's a lot
friendlier than in communications where who knows what is going on between
the sender and recipient.

OTP is a pain, and is not effective for archival -- but it is the only way
I've seen to protect communications in excess of ~30 years.

Bryan Waters                                    http://www.ultimateprivacy.com
Director of Marketing                    Voice: 512-305-0505 Fax: 512-305-0506
Ultimate Privacy Corporation       3925 W Braker Ln #305, Austin, TX, 78759