This was sent to several individuals and five mailing lists. Is that necessary?
I've cut reply down to two lists.
Marc Horowitz wrote:
For most attackers and most secrets, more traditional techniques like
blackmail and torture are likely to be cheaper and easier than the
attacks below. At
I presume if he fails to deliver the goods on time you'll henceforth
consider 56 bit secure, in all eternity (=5-10 years)?
Strange kind of reasoning.
Marshall Clow writes:
OK, Bob.
You have claimed to be from Missouri.
Show me.
Here's an encrypted file, encrypted with a 56 bit
cheap shot. "completely - crackable 56 bits"
indeed. You have no idea what the algorithm is like, so you can't be sure of that.
And that's the rub.
On the other hand, since you have no idea what the algorithm is like, you can't
have any confidence that it's any good. You just have to wa
trust an e-commerce solution by IBM or Counterpane and he'd
likely choose IBM. Most people reading this would probably choose
Counterpane.
People will believe that 56-bits is fine.. and then we'll never get the
damn export regs changed, and it will only get worse .. once the people
believe
. There is obviously
no *technical* reason to use 56 bits when stronger and more efficient
alternatives exist.
I would quibble with the claim on Apple's web site that this represents
"industrial strength" encryption. Maybe it does, but in the same way that
black and white images at 300dpi represent
l, perhaps the highest goal for which you can build a
mass market product. Me, I'll use/buy the bloody best I
can, but I will rest vastly easier when even middling
encryption is a pervasive reality, i.e., when everybody's
mother is using 56 bits my 128 bit super-encryption will
be just as secure but
Wiping is not enough in some cases. With magnetical proximal probe
microscopy one can read residual magnetisation even in low-level
formatted disks.
First wiping with ones and zeroes and then overwriting several times
with (pseudo)random sequences offers better protection.
The optimal solution
