John Gilmore wrote: >I want to add, with as much urgency as I can muster, that >high-security encryption must be used to provide this protection. No >encryption scheme endorsed by Five Eyes provides any protection >against them or indeed against similar Chinese groups.
>I, for one, judge that the intentions of the NSA are benign; but if it >ever was that is no longer the issue. The technology for breaking >these 'recommended' schemes is now so widely diffused that they >provide only the illusion and not the substance of security. >Paranoia is almost always dysfunctional. In this area it is not. We >have all been far too naif for far too long. Wellllll....AES is well-vetted by independent cryptographers, and I'm still pretty comfortable with "many times the heat-death of the universe to crack". Nothing is "uncrackable" if you posit unlimited computing power and time, after all. The recent Dual Elliptic Curve Deterministic Random Bit Generation fiasco is a different kettle of hamsters, but it certainly serves as an object lesson in considering whether recommended IVs are a good idea or not. ...phsiii (I r not a kryptografer, but I work with a bunch!) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN