Since when did AES-128 become "snake-oil crypto"? How come I missed
that? Compusec uses AES-128 . And as far as I know AES is NOT
"snake-oil crypto"

Closed-source doesn't mean that it is "snake-oil". If that was the
case, the Microsoft's EFS, and Kerberos implementation would be "snake
oil" too.

I think you are mistaken on the definition of "snake-oil crypto".

Snake-oil crypto refers to "New mathematics", "Proprietary
cryptography", and "Pseudo-mathematical gobbledygook"....

Please see the following URL for more into on snake-oil crypto:


If I have data that's valuable enough to need encryption, I'm going
to be nervous trusting it to closed-source software.  How do I know
that Compusec's cryto is done properly?  As Bruce Schneier has
famously said, to the user snake-oil crypto looks just like good
crypto -- both scramble the bits enough to look "random" to the eye.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to