On Wed, 28 Feb 2001, Todd Reed wrote:

> I understand from the replies here that SimpleCrypt isn't secure, at
> least in the sense that with enough time the encryption scheme can be
> defeated. That's true for any scheme if you have infinite amounts of
> time and computers.
> What I'd like to know is a realistic assessment of its insecurity.
> Dantz is saying it is secure enough for the majority of commercial
> uses. Is the average script kiddie going to find SimpleCrypt easy t

I wouldn't believe that claim unless I saw the source for their algorithm
(not that I could review it but a thorough peer review would be necessary
to say the least to backup the claim - no pun intended).  Since 56-bit DES
is pretty easy to crack (it took all of three days on distributed.net a
few years ago and dedicated hardware is now available for that job), and
SimpleCrypt is an unpublished proprietary algorithm, it logically follows
that SimpleCrypt is also simpler to crack.

I'm curious about the DES encryption actually - it doesn't seem to matter
if I have encryption turned on or off - backups seem to take approximately
the same amount of time.  What exactly is being backed up:  the data
stream between client and server, the contents on the tape, the catalog
(on disk) or the header on the tape (or any combination thereof)?

> >>>  Basically, Retrospect's SimpleCrypt encryption method is faster than DES,
> >>>  but the tradeoff for speed yields a less robust encryption scheme.

Which basically says, to me, that its not very strong at all :)

Kevin M. Myer
Systems Administrator
Lancaster-Lebanon Intermediate Unit 13

To subscribe:    [EMAIL PROTECTED]
To unsubscribe:  [EMAIL PROTECTED]
Archives:        <http://list.working-dogs.com/lists/retro-talk/>
Search:  <http://www.mail-archive.com/retro-talk%40latchkey.com/>

For urgent issues, please contact Dantz technical support directly at
[EMAIL PROTECTED] or 925.253.3050.

Reply via email to