1994-05-31 - Re: (fwd) Re: NSA Helped Yeltsin Foil 1991 Coup

Header Data

From: “Perry E. Metzger” <perry@imsi.com>
To: jpp@jpplap.markv.com (Jay Prime Positive)
Message Hash: 6cf5913843e614edab745ea213bd5ee715c44f0246ef818e2c2b031e1c718e8e
Message ID: <9405311129.AA15931@snark.imsi.com>
Reply To: <m0q7G9i-0003paC@jpplap>
UTC Datetime: 1994-05-31 11:31:26 UTC
Raw Date: Tue, 31 May 94 04:31:26 PDT

Raw message

From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 31 May 94 04:31:26 PDT
To: jpp@jpplap.markv.com (Jay Prime Positive)
Subject: Re: (fwd) Re: NSA Helped Yeltsin Foil 1991 Coup
In-Reply-To: <m0q7G9i-0003paC@jpplap>
Message-ID: <9405311129.AA15931@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Jay Prime Positive says:
>    Date: Fri, 27 May 94 18:54 PDT
>    From: jpp@jpplap.markv.com (Jay Prime Positive)
> 
>    Infact, the birthday paradox just about garantees
>    that the number is less than E1*E2*E3.
> 
> After thinking about it some more, I think I would like to rephrase
> that.  I don't think 2^k is nearly close enough to ((2^k)!)^(1/2) for
> me to say 'garantee'.  But, it is possible for E1*E2*E3 to excede the
> number of permutations of the e1( e2( e3( x ))) system.

Possible, yes. Indeed, I'd say its almost certain that you'll lose
some fraction of a bit of key. I don't lose sleep over fractions of
bits.

In fact, this whole thing is completely silly. If it were possible to,
say, break IDEA by then encrypting the IDEA output with DES using a
key independant from the IDEA key, all an attacker would have to do is
encrypt all IDEA ciphertext he gets with DES and he could break it --
DES then becomes a tool for breaking IDEA. If IDEA is secure, it is
secure against almost all functions (ones selected with knowlede of
the key being the exception) being applied to the ciphertext.

I completely agree that your scheme is in theory more secure. So is a
one time pad. People don't use impractical schemes that actually do
lend real security -- why use one that only adds theoretical security?

If I have a series of encryption functions applied with independent
keys, the only way one can weaken another is if the systems were not
secure in the first place. If one of the systems is secure, no number
of non-secure encryptions applied with random keys is going to ever
weaken it in practice. If it could, that would be the way to break the
secure system, and even used alone it would not be secure.

Perry





Thread