Re: des-cbc cipher

To: Damien Miller <djm%mindrot.org@localhost>
Subject: Re: des-cbc cipher
From: RJ Atkinson <rja%inet.org@localhost>
Date: Wed, 28 Nov 2001 22:26:11 -0500

At 21:50 28/11/01, Damien Miller wrote:
>On Wed, 28 Nov 2001, RJ Atkinson wrote:
>
>>         Kindly put the shoe on the other foot for a moment.
>> What problem is solved by omitting the DES-CBC information 
>> from the drafts ?  Are we saving bytes on a disk or what ?

Damian,

        Kindly answer the question posed.  Are we saving bytes ?
Or is your goal to make it impossible for folks to use DES-CBC
because you think you know more than they do about their situation 
and threat environment ?   

        And by the way, all algorithms are insecure.  And the low-cost 
attacks on SSHv2 aren't brute force and don't vary with the algorithm 
in use (try reading Ross Anderson's paper on "Why Cryptosystems Fail" 
if any of this seems confusing).

Ran

Follow-Ups:
- Re: des-cbc cipher
  - From: Damien Miller

References:
- Re: des-cbc cipher
  - From: RJ Atkinson

Prev by Date: Re: des-cbc cipher
Next by Date: Re: des-cbc cipher
Previous by Thread: Re: des-cbc cipher
Next by Thread: Re: des-cbc cipher
Indexes:

Home | Main Index | Thread Index | Old Index