[7962] in cryptography@c2.net mail archive
Re: Multi-part security solutions (Was: Re: Rijndael & Hitachi)
daemon@ATHENA.MIT.EDU (Paul Crowley)
Fri Oct 13 00:17:27 2000
To: Meyer Wolfsheim <wolf@priori.net>
Cc: cryptography@c2.net, cypherpunks@cyberpass.net
From: Paul Crowley <paul@cluefactory.org.uk>
Date: 12 Oct 2000 11:48:35 +0100
In-Reply-To: Meyer Wolfsheim's message of "Wed, 11 Oct 2000 16:57:09 -0700 (PDT)"
Message-ID: <871yxm5o8s.fsf@hedonism.subnet.hedonism.cluefactory.org.uk>
Meyer Wolfsheim <wolf@priori.net> writes:
> The only reasons I see for having a security system (be it an encryption
> product, or a physical access device) with a large discrepancy in the level
> of security that the individual components provide is either:
[snip reasons a, b and c]
I'm sure you've thought of this, but there's also a reason (d):
because the most convenient component for a particular application is
vastly more secure than you need. When using a cipher as a component,
you might as well use a ludicrously strong one like Rijndael or
Blowfish, because there's nothing to be gained from using a weaker
one. Good locks are more expensive than bad ones, but strong crypto
is free.
--
__
\/ o\ Employ me! Cryptology, security, Perl, Linux, TCP/IP, and smarts.
/\__/ paul@cluefactory.org.uk http://www.cluefactory.org.uk/paul/cv/
