1993-04-22 - Re: New Algorithm…

Header Data

From: Peter Meyer <meyer@mcc.com>
To: cypherpunks@toad.com
Message Hash: c7a6008de4ddc3d9488080f846b05fb87ff5c11987efc905cae6416c5f5e6313
Message ID: <19930422204625.1.MEYER@OGHMA.MCC.COM>
Reply To: <9304222007.AA05127@snark.shearson.com>
UTC Datetime: 1993-04-22 20:47:20 UTC
Raw Date: Thu, 22 Apr 93 13:47:20 PDT

Raw message

From: Peter Meyer <meyer@mcc.com>
Date: Thu, 22 Apr 93 13:47:20 PDT
To: cypherpunks@toad.com
Subject: Re: New Algorithm...
In-Reply-To: <9304222007.AA05127@snark.shearson.com>
Message-ID: <19930422204625.1.MEYER@OGHMA.MCC.COM>
MIME-Version: 1.0
Content-Type: text/plain


    Date: Thu, 22 Apr 1993 15:07 CDT
    From: "Perry E. Metzger" <pmetzger@lehman.com>

    "Haywood J. Blowme" says:
    [Lots about some J. Random Companies encryption chip]

    All fine and well, but since we have IDEA already, why should we want
    it? For virtually all applicatons these days other than fully
    encrypting network traffic, software is fine. DES implementations in
    software can handle 1.5 Mbit/s on reasonable machines. Beyond that, if
    we need hardware, why not use one of the currently publically known
    algorithms like DES or IDEA, or a combination of them? Why use some
    other companies algorithm?

    Perry

Even when using encryption software there may be reasons to use
something other than DES.  One possible reason (apart from doubts about
whether NSA can break DES in one or more of its modes) is that, although
the security and speed of an encryption algorithm is of central
importance, the quality of the user-interface is also important.

For example, if you want to encrypt/decrypt thirty files in five
different subdirectories twice a day, and do it in an office with your
colleagues looking over your shoulder, you won't want to be using
software that encrypts only one file at a time and also displays the
encryption key as you type it in (though you might like to have the key
echoed when no-one else is about).

There are lots of other things to be considered besides the algorithm
itself when designing good encryption software, e.g. if someone
accidentally yanks out the power cord to the computer during decryption
do you kiss goodbye to the data?

-- Peter Meyer






Thread