Since when did AES-128 become "snake-oil crypto"? How come I missed that? Compusec uses AES-128 . And as far as I know AES is NOT "snake-oil crypto"
Closed-source doesn't mean that it is "snake-oil". If that was the case, the Microsoft's EFS, and Kerberos implementation would be "snake oil" too. I think you are mistaken on the definition of "snake-oil crypto". Snake-oil crypto refers to "New mathematics", "Proprietary cryptography", and "Pseudo-mathematical gobbledygook".... Please see the following URL for more into on snake-oil crypto: http://www.schneier.com/crypto-gram-9902.html#snakeoil saqib http://www.full-disk-encryption.net
If I have data that's valuable enough to need encryption, I'm going to be nervous trusting it to closed-source software. How do I know that Compusec's cryto is done properly? As Bruce Schneier has famously said, to the user snake-oil crypto looks just like good crypto -- both scramble the bits enough to look "random" to the eye.
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]