1996-04-14 - Re: carrick, Blowfish & the NSA

Header Data

From: SINCLAIR DOUGLAS N <sinclai@ecf.toronto.edu>
To: perry@piermont.com
Message Hash: d72c81055767f961acef03fede4983a2737e2a0c0764d902f910033558de22a6
Message ID: <96Apr14.100201edt.1826@cannon.ecf.toronto.edu>
Reply To: <199604140849.EAA05136@jekyll.piermont.com>
UTC Datetime: 1996-04-14 16:21:22 UTC
Raw Date: Mon, 15 Apr 1996 00:21:22 +0800

Raw message

From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Mon, 15 Apr 1996 00:21:22 +0800
To: perry@piermont.com
Subject: Re: carrick, Blowfish & the NSA
In-Reply-To: <199604140849.EAA05136@jekyll.piermont.com>
Message-ID: <96Apr14.100201edt.1826@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain

> Jerry Whiting writes:
> > One reason we chose to use Blowfish as the basis for carrick is that
> > it _is_ a new algorithm.  One has to assume that the NSA et al. has
> > tools optimized to crack DES and possibly IDEA/RSA.  At least let's
> > give them something else to sweat over.
> They won't sweat over it long. Blowfish was broken.

Yikes!  Are you sure?  This is the first I've heard of it.  This would mean
that PGPPhone is not secure.