Punishing RSA is work for bloodthirsty media and its fans. Public crypto needs much better to offer the public than entertaining evanescent revenge. 3DES is intriguing. Publicizing a list of other well-tested ciphersystems would be constructive alternatives to "nothing can be done, authority always wins." Public loss of trust in any comsec and crypto is ever present. As a consumer, I want you to give me something useable and reliable for ordinary use not weapons-grade illusion of infallibility. Ban the use of "unbreakable." Stop tinkering with old reliable OTP with digital simulacra. Stop blaming users for faulty implementation. Civil engineers never say a dam is infallible, they say it will fail, watch for well-known weak spots, prepare to patch and maintain continuously, and never forget the disasters of over-confidence, limited construction budgets, cut backs in maintenance, and water policy exploiters. Earthen dams without sluices, relying upon mass and gravity, outlast reinforced concrete "monoliths" perforated with umpteen ways to monetize the water flow, nowadays usually to run more server farms near hydropower facilities. I'd like an earthen dam crypto tool I can watch myself for leaks. I got PGP 2.6. Anything better that is not reliant up commercially biased assurances? BTW, why is PGP Inc and IBM Inc not being bashed like RSA Inc? At 01:26 AM 1/16/2014, you wrote:
At 12:48 PM 1/15/2014, Phillip Hallam-Baker wrote:What then should we do about all the folk clinging to 3DES? How about the people who stuck with MD5? How about the people who have not junked SHA-1?Ignoring Phill's perfectly reasonable main point, what's wrong with 3DES?Sure, it's clunky, takes lots of bit-twiddling, is a good bit slower and larger than AES, and only gives you ~112 bits of security for your 168 bits of keys, but is there anything wrong with it other than being not as good as some of the alternatives? (Ok, and maybe a bit of power analysis risk, depending on your implementation.) It's not like MD5 where there are theoretical attacks that make it much weaker?_______________________________________________ The cryptography mailing list cryptography@xxxxxxxxxxxx http://www.metzdowd.com/mailman/listinfo/cryptography