From: tedwards@access.digex.net
Date: Sat, 3 Feb 1996 03:20:29 +0800
To: von@Pulver.COM
Subject: Re: Voice On the Net Digest V2 #44
In-Reply-To: <199602021245.HAA10963@enterprise.pulver.com>
Message-ID: <Pine.SUN.3.91.960202132426.18728A-100000@access5.digex.net>
MIME-Version: 1.0
Content-Type: text/plain




> From: "Shane D. Mattaway" <shane@netspeak.com>
> Date: Thu, 1 Feb 1996 07:12:32 -0500
> Subject: [VON]: WebPhone Beta 6 Release

> AUDIO ENCRYPTION
> All audio transmissions are encrypted to provide secure conversations
> without any performance overhead. Encryption is accomplished using a
> proprietary algorithm.

If the encryption is secure, there is no need to have "security through 
obscurity."  

I rather doubt that the makers of WebPhone have invented a proprietary
encryption method that actually provides a high level of security.  Most
truly secure encryption methods (DES, RSA, IDEA) are presented for peer
review for years before the academic and cryptographic communities deem
them to be reasonably secure. 

It is easy to claim you have a secure encryption algorithm - but most such 
algorithms turn out later to have serious security holes.  Only some 
manage to hold up to their security claims under close academic analysis.

PGPfone's encryption methods are available for public inspection, and are 
generally accepted by the cryptographic community to be secure.

-Thomas Edwards