[svlug] Firewalls?
John Conover
conover at rahul.net
Wed Jan 24 00:21:36 PST 2007
Rick Moen writes:
>
> However, the exact opposite is actually the case: Older uncracked
> ciphers merit much greater trust than do newer uncracked ciphers,
> because they have a much longer history of surviving inventive,
> determined attacks of all sorts from other cryptographers. E.g.,
> Bruce Schneier will tell you that his relatively new Twofish cipher is
> _probably_ a really good example of symmetric crypto, but is way too
> unseasoned to put much faith in yet, and that you're much better off
> relying on 3DES or Blowfish.
>
Like SHA-1, for example.
See:
http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html
which is from 2005. See next:
http://en.epochtimes.com/news/7-1-11/50336.html
which will require the banking system to change its cipher
methodology in the next few years.
But you are right, Rick. The older cipher's that have shown their
mettle are better; at least they have been durable enough to justify
being adequately analyzed-and their frailties found-to make their
demise somewhat graceful.
John
BTW, the point is, some ciphers are better than others, but there is
no such thing as an eternally trustworthy cipher. The crackers are
always in the driver's seat-time is on their side, (which is a logical
contradiction, since it would infer that one should always use the
newest techniques.)
--
John Conover, conover at rahul.net, http://www.johncon.com/
More information about the Svlug
mailing list