[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sheflug] Re: GPG/crypto (was SUID bit)
Richard,
>
> This is plain old fashioned crap.
>
This is all very well to say, but I have yet to see some references to back
this up. There's a lot of conspiracy theories floating out out there, some of
which may be true, others not. I have the GnuPG source (for 1.0.2), and there
is *no* documentation within it that talks about crypto generally that I can
see, and has been pointed out that algorithms it uses includes 3DES and
Blowfish. I have not found an archive of the GPG list - if you know of one, I
will review it. I have posted references here, yet I am waiting for
references from yourself, short of "GPG docs and GPG list", which isn't that
precise. Surely if they are classed as insecure, why would GPG implement
them, based on what you have been saying?
Blowfish has been analysed and there is no known attack against it short of a
differential attack against weak keys. Twofish was, as has been pointed out,
an AES candidate. Both algorithms are public knowledge, the algorithm is
there for peer review, and there is no easy break that has been found. 3DES
is still being touted as secure according to feedback I'm getting so far from
other sources (see sci.crypt).
For this, I fear we may have to aggree to disaggree.
Chris...
--
@}-,'-------------------------------------------------- Chris Johnson --'-{ [at]
/ "(it is) crucial that we learn the difference / sixie [at] nccnet.co.uk \
/ between Sex and Gender. Therein lies the key / \
/ to our freedom" -- LB / www.nccnet.co.uk/~sixie \
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word
"unsubscribe" in the body of the message.
GNU the choice of a complete generation.