home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: sci.crypt
- From: Owen.Lewis@purplet.demon.co.uk (Owen Lewis)
- Path: sparky!uunet!pipex!demon!purplet!Owen.Lewis
- Subject: Re: DES (Was: Re: 800MHz
- Organization: FidoNet node 2:252/305 - The Purple Tentacle, Reading
- Date: Fri, 8 Jan 1993 01:33:00 +0000
- Message-ID: <34.2B50D63C@purplet.demon.co.uk>
- Sender: usenet@demon.co.uk
- Lines: 29
-
- -=> Quoting Lyle_seamanAllransarc.com to All <=-
-
- (Owen Lewis) writes:
- > Does the US government (use DES)? I believe not.
-
- Ly> I would bet that this is because they want classified material to be
- Ly> safe for a hundred years or so. They recognize that DES (while it may
- Ly> be relatively safe for the near future) will be highly vulnerable to
- Ly> brute-force attack within 50 years, and they have a lot of secrets
- Ly> they'd rather no one found out about. It doesn't have to be because
- Ly> there are hidden flaws in DES.
-
- But not all govt material requires (or is given) protection that should
- last for 50 years. While some information may be of crucial importance
- for several days (say) it will become worthless shortly thereafter. Isn't the
- point that breaking a cypher - be it DES or any other - would endanger vital
- short term information too. Information should be classified by its
- sensitivity alone (though automatic declassification should be possible once
- it has passed its 'sell by' date.
-
- Therefore, no highly classified material ought to be entrusted to any system
- where there is doubt as to its medium term security. It would seem that the
- US and other major governments take that view. In my opinion, commercial
- users bearing appreciable levels of threat to their information security
- (e.g. hi-tech R&D, financial institutions, pharmecutical and
- bio-engineering companies) would be well advised to take a similar view.
-
- ___ Blue Wave/QWKv2.11
-
-
