Bill Stewart wrote:
These days nobody *has* a better cryptosystem than you do They might have a cheaper one or a faster one, but for ten years the public's been able to get free planet-sized-computer-proof crypto ...
I seem to remember that the Nazis said the same thing about Enigma. Even when evidence began to filter back that it had been broken, they ignored it because they were so confident that a break was impossible.
It's true that protocol and programming problems account for the huge majority of security holes. The WEP break, though, was one notable exception. They were using an established cryptosystem (RC4) with a planet sized key (128 bits). However, a weakness in RC4 itself let them down.
... if you don't like it, you can switch from 3DES and 1024-bit RSA to 5DES and/or 4096-bit RSA.
I don't know about 4096-bit, but you should switch to something if you care about security; recent results imply that it may be possible to factor 1024-bit numbers. -- Pete --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]