[13388] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: Maybe It's Snake Oil All the Way Down

daemon@ATHENA.MIT.EDU (Rich Salz)
Sun Jun 1 20:46:34 2003

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Sun, 1 Jun 2003 18:16:04 -0400 (EDT)
From: Rich Salz <rsalz@datapower.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Scott Guthery <sguthery@mobile-mind.com>,
	cypherpunks <cypherpunks@lne.com>,
	"cryptography@metzdowd.com" <cryptography@metzdowd.com>
In-Reply-To: <kjd6hxzc07.fsf@romeo.rtfm.com>

> There are a number of standard building blocks (3DES, AES, RSA, HMAC,
> SSL, S/MIME, etc.). While none of these building blocks are known
> to be secure ..

So for the well-meaning naif, a literature search should result in "no
news is good news."  Put more plainly, if you looked up hash and didn't
find news of a SHA break, then you should know to use SHA.  That assumes
you've heard of SHA in the first place.

Perhaps a few "best practices" papers are in order.  They might help
the secure (distributed) computing field a great deal.
	/r$
--
Rich Salz                     Chief Security Architect
DataPower Technology          http://www.datapower.com
XS40 XML Security Gateway     http://www.datapower.com/products/xs40.html


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post