CDR: Re: Multi-part security solutions (Was: Re: Rijndael & Hitachi)

Paul Crowley paul at cluefactory.org.uk
Thu Oct 12 03:48:35 PDT 2000


Meyer Wolfsheim <wolf at priori.net> writes:
> The only reasons I see for having a security system (be it an encryption
> product, or a physical access device) with a large discrepancy in the level
> of security that the individual components provide is either:

[snip reasons a, b and c]

I'm sure you've thought of this, but there's also a reason (d):
because the most convenient component for a particular application is
vastly more secure than you need.  When using a cipher as a component,
you might as well use a ludicrously strong one like Rijndael or
Blowfish, because there's nothing to be gained from using a weaker
one.  Good locks are more expensive than bad ones, but strong crypto
is free.
-- 
  __
\/ o\ Employ me! Cryptology, security, Perl, Linux, TCP/IP, and smarts.
/\__/ paul at cluefactory.org.uk    http://www.cluefactory.org.uk/paul/cv/





More information about the cypherpunks-legacy mailing list