l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2002 Jun 04 22:34

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Which cipher to use?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Which cipher to use?

On Tue, 4 Jun 2002, Micah Cowan wrote:
> <rant>
> Which is why you should get extremely skeptical when a company called
> Prescient claims to have created a "virtually unbreakable" encryption
> system called e2sec, which claims to be a Vernam Cipher, yet its proud
> creators say that rather than having to store and pass around large
> keys, they pass around mathematical functions from which the keys are
> generated. Which means that the keys are *not* random - and therefore,
> by definition, *not* a Vernam Cipher. And therefore, not proven to be
> virtually unbreakable, as they claim.

It's amazing the self-deception these kind of companies are capable of.  I
remember Prof. Bishop telling me about another company he'd heard of,
claiming--you guessed it--mathematically unbreakable secure communications
using OTP.  You crypto-knowledgeable people know that the trouble with OTP
(with any symmetric cipher, actually) is key exchange--you have to get the
key to the guy at the other end.  So Bishop asked how the pads were
tranferred.  Why, they were sent across the same wire, encrypted;
effectively, the security of the message now rested in the encryption of
the key, only they STILL thought it was "mathematically unbreakable".
D'oh!  :)

One of these days we should have a crypto talk or something; nothing
fancy, maybe just outlining what it can and can't do, and how to recognize
snake oil pitches.

--nicole twn

"Every jumbled pile of person has a thinking part that wonders what the
part that isn't thinking isn't thinking of."--They Might Be Giants
Visit Nicolopolis! http://wwwcsif.cs.ucdavis.edu/~carlsonn
nmcarlson@ucdavis.edu ana.ng@tmbg.org carlsonn@seclab.cs.ucdavis.edu

vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.