Index for ftp site csn.org:/mpj/
smb at research.att.com
smb at research.att.com
Mon Jan 31 10:59:31 PST 1994
I just recently got MacRipem and find it much easier to use th
an PGP,
and was wondering why I should use PGP over Ripem. The above
seems to
indicate that Ripem isn't as secure. Why is this?
I don't doubt that its much easier to use -- it was written by Ray
Lau, who is an excellent Mac/UI programmer. The most reasonable
reasons why it might be called "less secure" is that RIPEM does not
have a signature web like PGP does. It is possible in PEM to only
have one signature on your certificate, which can be your own
signature, or that of a CA. Therefore, you either have the status of
"I say I am who I say I am", or a "Certification Authority says I am
who I say I am".
I can't speak for RIPEM, but that's not accurate for PEM. You can have
as long a chain of signatures as you want up to the certifying authority.
That may not be as general as you'd like, but it's better than just a
single authority.
A bigger problem is that PEM uses DES rather than IDEA. I just learned
of a new attack by Mitsuru Matsui of Mitsubishi that requires 2^43
*known* plaintexts, not chosen ones. The note I received says that it
``breaks the scheme in 50 days on 12 HP9735 workstations''. This was
presented last week at the Japanese Conference on Cryptography and
Information Security.
More information about the Testlist
mailing list