Rijndael & Hitachi

Steven M. Bellovin smb at research.att.com
Wed Oct 11 07:25:21 PDT 2000


In message <5.0.0.25.2.20001010154833.03a01b80 at ebible.org>, Michael Paul Johnso
n writes:
>
>To put this suggestion into perspective, consider that in the real world, pure
> cipher strength is rarely the weakest link in the security chain, provided th
>at a reasonable key length and cipher are chosen. Having done that, go for it 
>if you still think you can afford the extra time, space, and key management wi
>th (probably) no measurable increase in overall system security.

Precisely.  What is the *real* threat model?

History does indeed show that believed-secure ciphers may not be, and 
that we do indeed need a safety margin.  But history shows even more 
strongly that there are many better ways to the plaintext, and that's 
the real goal.

		--Steve Bellovin







More information about the cypherpunks-legacy mailing list