[5160] in cryptography@c2.net mail archive
Re: PGP encryption
daemon@ATHENA.MIT.EDU (Bill Stewart)
Tue Jul 20 15:42:40 1999
Date: Tue, 20 Jul 1999 11:01:32 -0700
To: coderpunks@toad.com, cryptography@c2.net,
Hans Viens <vieh01@gel.usherb.ca>
From: Bill Stewart <bill.stewart@pobox.com>
In-Reply-To: <37937FDA.6086@accessdata.com>
For traditional PGP applications, there was never a good reason
NOT to use symmetric algorithms. IDEA is strong, and much faster than RSA,
PCs were a lot slower than they are today, and most of the messages
people wanted to encrypt were email or files.
Also, RSA can only encrypt short strings, e.g. 1024 bits,
so any message that was longer would be very awkward using RSA.
The overhead in using both algorithms is small - PGP has the IDEA
software in it whether you use it or not.
But there are applications where you only want to send short messages -
credit card numbers or things like that, that can fit in 512 or 1024 bits,
and there's some value in using a standard format if you can.
At 01:43 PM 7/19/99 -0600, staym@accessdata.com wrote:
>Hans wrote:
>>When implementing PGP base encryption, is this implementation MUST use
>>symetrically Algorithms ?? Is it possible to use only the >public/private
key ?
>
>There currently isn't a way to do it under the OpenPGP Draft. Why would
>you want to? Symmetric algorithms are generally one or two orders of
>magnitude faster, and as far as we can tell, every bit as secure.
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
