From: "Philippe Nave" <pdn@dwroll.dw.att.com>
Date: Tue, 1 Feb 94 09:50:35 PST
To: cypherpunks@toad.com
Subject: Re: Matsui-san Attack
In-Reply-To: <9401312111.AA15451@atlanta.wti.com>
Message-ID: <9402011745.AA19697@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

buckley@wti.com writes :
> 
> [continuing thread on ease of cracking DES/PEM]
> 
> Using a comparable breaker on the average machine, it is going
> to take two years to "break the scheme".
> That leaves two years to create stronger/tighter strategies.
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Concerns about the validity about the 'two years' figure aside, does this
really 'leave you two years?' The technology to store messages (even ones
currently uncrackable) has been online for years already- unless your 
encrypted data is such that you don't mind having it examined by anybody
with a DES cracker, you are already at risk. In terms of careers, legal
action, and politics, a two-year event horizon is negligible. As advances
in computer power continue, the 'two-year' figure will continue to shrink.

Taking the long view, I view the PEM/DES debate as virtually identical to
the Clipper debate; Clipper's 'trap door' mindset is more overt, but getting
everbody involved in PEM/DES when the cracking technology is clearly in 
sight is no better.

- -- 
........................................................................
Philippe D. Nave, Jr.   | The person who does not use message encryption
pdn@dwroll.dw.att.com   | will soon be at the mercy of those who DO...
Denver, Colorado USA    | PGP public key: by arrangement.

-----BEGIN PGP SIGNATURE-----
Version: 2.3a

iQCVAgUBLU6UHwvlW1K2YdE1AQGG4gQAqM+LthMCzEo3T2O+fLhKih8uNYUoHhvK
6zvDWjW2PW/t/N7TdWpA2oJ2dVmpABa3ENeNvju0qrEW91CVoU5JwBMHiCxSTrOn
wtK4fcQ7m+GBvvoLO6WW5tr+FZcVluzZbJrIcnaLQVWqP/P5Bmfjspd/GfROAduX
/oR4u9pFSvk=
=O5HV
-----END PGP SIGNATURE-----