1996-01-31 - Re: Lotus Notes

Header Data

From: frantz@netcom.com (Bill Frantz)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: 25993e656e4bdc893abfa5481f831602fe1c1bba1d3ff85b2f6677228feb0ab1
Message ID: <199601310705.XAA09848@netcom6.netcom.com>
Reply To: N/A
UTC Datetime: 1996-01-31 07:20:19 UTC
Raw Date: Wed, 31 Jan 1996 15:20:19 +0800

Raw message

From: frantz@netcom.com (Bill Frantz)
Date: Wed, 31 Jan 1996 15:20:19 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Lotus Notes
Message-ID: <199601310705.XAA09848@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  8:13 PM 1/30/96 -0500, Futplex wrote:
>Bill Frantz writes:
>> One other small advantage I can see to using Lotus's crippled encryption. 
>> It disguises the fact that a message is actually (double) encrypted with
>> PGP.  Attackers have to break the 40 bits before they see the PGP encrypted
>> data.  
>
>I don't understand. Are you saying that there's a special benefit to doing
>superencryption (GAK encryption over non-GAK encryption) when the GAK layer 
>is Lotus Notes ?

Tim May had it exactly right in his post entitled "Silver Linings and
Monkey Wrenches" (thanks Tim).  The only thing I can add is that forcing
them to attack a 40 bit key is better than giving them the whole key thru
some LEAF scheme ala Clipper.

As long as you can cut and paste, PGP (at least the Mac version) is hard to
lock out and minimally usable.

Bill







Thread