1993-04-29 - Re: Tough Choices: PGP vs. RSA Data Security

Header Data

From: uri@watson.ibm.com
To: cypherpunks@toad.com
Message Hash: eb006e20ef7f97fd3ec2081d2f1d4aa0f016e953bbd2ba53709978ce85c694ce
Message ID: <9304291612.AA17566@buoy.watson.ibm.com>
Reply To: <9304281433.AA05674@pizzabox.demon.co.uk>
UTC Datetime: 1993-04-29 16:24:41 UTC
Raw Date: Thu, 29 Apr 93 09:24:41 PDT

Raw message

From: uri@watson.ibm.com
Date: Thu, 29 Apr 93 09:24:41 PDT
To: cypherpunks@toad.com
Subject: Re:  Tough Choices: PGP vs. RSA Data Security
In-Reply-To: <9304281433.AA05674@pizzabox.demon.co.uk>
Message-ID: <9304291612.AA17566@buoy.watson.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain


Sy Verpunc writes:
 > : .........Brief conversation with Jim Bidzos
 > : at the cypunx mtg indicated that he is very much up for something along the
 > : lines of a personal encryption product that would meet our needs.

Well, this is yet to be seen.

 > All he has to do is let us pay a licence fee for pgp.  What's the advantage
 > to him in asking for a different piece of code that uses RSAREF and DES
 > instead of Phil's code and IDEA?

Practically none, especially since RIPEM is already running, and
is as free as PGP. Of course, single DES is somewhat less
resistant to brute force, thus triple DES would be more
appropriate...

 > I can't see it, except that using DES blows away the security
 > of the program...

Oh, come on now. It looks like every fool in the world
believes now he can crack DES... Let me enlighten you:
even IF one gets a DES engine fast enough and can put
lots of those in parallel - that one still needs lots
of ahrdware/software. Which isn't very feasible today.

 > No, I think this suggestion should be put down now, or we'll splinter and
 > give them exactly the divide-and-conquer opening they're looking for.

Agreed.

Regards,
Uri.
------------
<Disclaimer>





Thread