From: “Peter Trei” <trei@process.com>
To: cypherpunks@toad.com
Message Hash: 2fd55e41f33704ad5b2c06faab5f9432f85b485f8fb657b53e8fc03931c1481a
Message ID: <199612191553.HAA24151@toad.com>
Reply To: N/A
UTC Datetime: 1996-12-19 15:53:27 UTC
Raw Date: Thu, 19 Dec 1996 07:53:27 -0800 (PST)
From: "Peter Trei" <trei@process.com>
Date: Thu, 19 Dec 1996 07:53:27 -0800 (PST)
To: cypherpunks@toad.com
Subject: RE: !! Point 'n Crypt -- Win95 Privacy for Everyone !!
Message-ID: <199612191553.HAA24151@toad.com>
MIME-Version: 1.0
Content-Type: text/plain
> From: Walt Armour <walt@blarg.net>
> Subject: RE: !! Point 'n Crypt -- Win95 Privacy for Everyone !!
> Security through obscurity is no security at all.
>
> As for PnC (actually, the scCryptoEngine beneath it), we get the 40 bits
> from the 56 bits by nulling out the high nybble of every other byte.
>
> walt
>
> ----------
> From: Peter Trei[SMTP:trei@process.com]
> Would you mind telling us just how you expand the 40 key to the 56
> bits needed for DES? (Security through obscurity has a bad rep on
> this list). For many methods of doing so, 40bit DES is NOT
> secure against a motivated individual's attack.
>
> Peter Trei
> trei@process.com
Thanks for being so forthcoming!
There are methods for using 40 bit keys that are a lot better than
this. My contention stands: 50 200MHz Pentiums *WILL* crack this
overnight. A single 100 MHz Pentium will do it in a month. (This
assumes a known plaintext attack in EBC or CBC mode).
Not utterly trivial, but well within the means of a motivated
individual.
Peter Trei
trei@process.com
Return to December 1996
Return to ““Peter Trei” <trei@process.com>”
1996-12-19 (Thu, 19 Dec 1996 07:53:27 -0800 (PST)) - RE: !! Point ‘n Crypt – Win95 Privacy for Everyone !! - “Peter Trei” <trei@process.com>