https://bettercrypto.org/static/applied-crypto-hardening.pdf > -----Original Message----- > From: cryptography [mailto:cryptography-bounces@xxxxxxxxxxxxx] On Behalf > Of John Young > Sent: Thursday, January 16, 2014 4:29 PM > To: cryptography@xxxxxxxxxxxx; cryptography@xxxxxxxxxxxxx; > cryptome@xxxxxxxxxxxxx > Subject: Re: [cryptography] [Cryptography] Boing Boing pushing an RSA > Conference boycott > > Punishing RSA is work for bloodthirsty media and its fans. Public crypto > needs much better to offer the public than entertaining evanescent > revenge. > > 3DES is intriguing. Publicizing a list of other well-tested > ciphersystems would be constructive alternatives to "nothing can be > done, authority always wins." Public loss of trust in any comsec and > crypto is ever present. > > As a consumer, I want you to give me something useable and reliable for > ordinary use not weapons-grade illusion of infallibility. Ban the use of > "unbreakable." Stop tinkering with old reliable OTP with digital > simulacra. Stop blaming users for faulty implementation. > > Civil engineers never say a dam is infallible, they say it will fail, > watch for well-known weak spots, prepare to patch and maintain > continuously, and never forget the disasters of over-confidence, limited > construction budgets, cut backs in maintenance, and water policy > exploiters. > > Earthen dams without sluices, relying upon mass and gravity, outlast > reinforced concrete "monoliths" perforated with umpteen ways to monetize > the water flow, nowadays usually to run more server farms near > hydropower facilities. > > I'd like an earthen dam crypto tool I can watch myself for leaks. > I got PGP 2.6. Anything better that is not reliant up commercially > biased assurances? > > BTW, why is PGP Inc and IBM Inc not being bashed like RSA Inc? > > > At 01:26 AM 1/16/2014, you wrote: > >At 12:48 PM 1/15/2014, Phillip Hallam-Baker wrote: > >>What then should we do about all the folk clinging to 3DES? How about > >>the people who stuck with MD5? How about the people who have not > >>junked SHA-1? > > > >Ignoring Phill's perfectly reasonable main point, what's wrong with > 3DES? > >Sure, it's clunky, takes lots of bit-twiddling, is a good bit slower > >and larger than AES, and only gives you ~112 bits of security for your > >168 bits of keys, but is there anything wrong with it other than being > >not as good as some of the alternatives? (Ok, and maybe a bit of power > >analysis risk, depending on your > >implementation.) It's not like MD5 where there are theoretical attacks > >that make it much weaker? > > > >_______________________________________________ > >The cryptography mailing list > >cryptography@xxxxxxxxxxxx > >http://www.metzdowd.com/mailman/listinfo/cryptography > > > _______________________________________________ > cryptography mailing list > cryptography@xxxxxxxxxxxxx > http://lists.randombit.net/mailman/listinfo/cryptography