On Thu, 1 Mar 2012, Jeffrey Walton wrote:
On Thu, Mar 1, 2012 at 10:27 PM, Steven Bellovin <[email protected]> wrote:
http://www.scmagazine.com.au/News/292189,nsa-builds-android-phone-for-top-secret-calls.aspx
makes for interesting reading. I was particularly intrigued by this:
Voice calls are encrypted twice in accordance with NSA policy,
using IPSEC and SRTP, meaning a failure requires “two independent
bad things to happen,” Salter said.
Margaret Salter is the head of the Information Assurance Directorate
of the NSA.
Interesting. I seem to recall that cascading ciphers is frowned upon
on sci.crypt. I wonder if this is mis-information....
Yes, I've had that beaten into my head from books/talks/posts forever now,
but I never quite understood it.
If the end result of your ciphertext has headers or metadata that can be
used for known-plaintext attack, then it makes sense, but if you are just
feeding raw ciphertext into the next algorithm, it shouldn't be a
danger... right ?_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
