On 1/18/07, Saqib Ali <[EMAIL PROTECTED]> wrote:
> Since when did AES-128 become "snake-oil crypto"? How come I missed that? Compusec uses AES-128. And as far as I know AES is NOT "snake-oil crypto".
He didn't say that AES is snake oil. He says he wants assurance that the tool operates correctly. Using AES to generate an XOR key is still using AES, but it's using it poorly.
> Closed-source doesn't mean that it is "snake-oil". If that were the case, Microsoft's EFS and Kerberos implementations would be "snake oil" too.
He didn't say that closed source is snake oil. He says he wants assurance that the tool operates correctly. The kind of assurance you get from having a completely open design and implementation.

This is right up there with Seagate's encrypting disk, which Dave Korn (rightfully) expressed dismay over...

    "And the reason is that software vendors, particularly software vendors in the security world, need to have some place to hide their secrets. And we provide the perfect place to hide secrets, because we can cryptographically handle things in a way that makes it very difficult to snoop or sniff the secrets. We have hidden operation in the drive as well as a hidden storage place that normally can't be accessed via ATA commands. So in a way we have a bit of a black box, in terms of a security device, that no one knows what is going on in there, and it is a perfect place to hide stuff."

That's just wrong on so many levels. I want to know exactly how my data is being transformed and stored. I want to be absolutely sure that the on-disk representation of my data is critically dependent on my key, and not on some vendor-derived key based on my disk serial number. I want to know for sure that reading sector -42 won't hand you back my key. I want to know that my encryption software isn't somehow leaking my key. etc.

Hand me a crypto tool so well designed, so carefully audited and so rigorously proven that it's approved for storing the government's secrets until the end of time... I'll still say "that's nice, where's my copy of the source code".

CK
-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
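The reply's point that "using AES to generate an XOR key is still using AES, but it's using it poorly" is easy to miss if you only hear "AES-128". The illustration below is added by the editor and is not code from the thread, from Compusec, or from any product; the thread does not describe how any particular tool derives or applies its key, so the example shows only the generic failure mode: a pad derived once from the key and reused across sectors. Because the weakness is in the reuse and not in the block cipher, the pad here is derived with SHA-256 from the standard library as a stand-in for AES output (an assumption made so the example runs offline). All inputs, including the key and sector contents, are constructed for the demonstration.

```python
import hashlib

SECTOR_SIZE = 16  # constructed: tiny sectors so the output is readable


def derive_pad(key: bytes, length: int) -> bytes:
    """Expand a key into a pad of the requested length.

    Stand-in for the AES-derived pad the thread talks about: SHA-256 in a
    counter loop is used only so this runs with the standard library. The
    attack below does not depend on which PRF produced the pad.
    """
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_sector_static_pad(pad: bytes, plaintext: bytes) -> bytes:
    """WEAK: the same pad is XORed onto every sector ("two-time pad")."""
    return xor_bytes(pad, plaintext)


def encrypt_sector_per_sector_pad(key: bytes, sector_no: int, plaintext: bytes) -> bytes:
    """SOUND shape: the pad depends on key AND sector number, so no pad is
    ever used for two sectors (the structure of CTR / tweakable modes)."""
    pad = derive_pad(key + sector_no.to_bytes(8, "big"), len(plaintext))
    return xor_bytes(pad, plaintext)


def recover_with_known_sector(ct_known: bytes, pt_known: bytes, ct_target: bytes) -> bytes:
    """Attacker model: one sector's plaintext is known (an unused all-zero
    sector, filesystem metadata, a file the attacker planted). With a static
    pad, pad = ct_known ^ pt_known, and every other sector falls."""
    pad = xor_bytes(ct_known, pt_known)
    return xor_bytes(ct_target, pad)


def demo():
    key = b"constructed-demo-key"          # constructed
    sector0 = b"\x00" * SECTOR_SIZE         # constructed: unused sector, known
    sector1 = b"secret payroll!!"           # constructed: 16-byte target

    # Static pad: AES (here SHA-256) used once, output XORed everywhere.
    pad = derive_pad(key, SECTOR_SIZE)
    c0 = encrypt_sector_static_pad(pad, sector0)
    c1 = encrypt_sector_static_pad(pad, sector1)
    recovered = recover_with_known_sector(c0, sector0, c1)
    # Even without a known plaintext, the pad cancels: c0 ^ c1 == p0 ^ p1.
    leaks_xor = xor_bytes(c0, c1) == xor_bytes(sector0, sector1)

    # Per-sector pad: the same attack yields garbage.
    d0 = encrypt_sector_per_sector_pad(key, 0, sector0)
    d1 = encrypt_sector_per_sector_pad(key, 1, sector1)
    not_recovered = recover_with_known_sector(d0, sector0, d1)

    return recovered, leaks_xor, not_recovered


if __name__ == "__main__":
    rec, leak, bad = demo()
    print("static pad, recovered target sector:", rec)
    print("static pad, c0^c1 == p0^p1:", leak)
    print("per-sector pad, attack output:", bad)
```

The check a reviewer wants from any vendor, open or closed, is the one `recover_with_known_sector` performs: encrypt a known sector and an unknown one under the same key and see whether the first hands you the second. That is exactly the kind of assurance the reply says cannot be obtained from a black box, and it is a ten-line test once the on-disk format is known.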