[13388] in cryptography@c2.net mail archive
Re: Maybe It's Snake Oil All the Way Down
daemon@ATHENA.MIT.EDU (Rich Salz)
Sun Jun 1 20:46:34 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sun, 1 Jun 2003 18:16:04 -0400 (EDT)
From: Rich Salz <rsalz@datapower.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Scott Guthery <sguthery@mobile-mind.com>,
cypherpunks <cypherpunks@lne.com>,
"cryptography@metzdowd.com" <cryptography@metzdowd.com>
In-Reply-To: <kjd6hxzc07.fsf@romeo.rtfm.com>
> There are a number of standard building blocks (3DES, AES, RSA, HMAC,
> SSL, S/MIME, etc.). While none of these building blocks are known
> to be secure ..
So for the well-meaning naif, a literature search should result in "no
news is good news." Put more plainly, if you looked up hash and didn't
find news of a SHA break, then you should know to use SHA. That assumes
you've heard of SHA in the first place.
Perhaps a few "best practices" papers are in order. They might help
the secure (distributed) computing field a great deal.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com