IDEA isn't magic (was Re: gnupg1 still needed?)
David Shaw
dshaw at jabberwocky.com
Fri Jul 18 17:23:45 CEST 2008
On Fri, Jul 18, 2008 at 03:18:11PM +0200, Klaus Singvogel wrote:
> Werner Koch wrote:
> > On Fri, 18 Jul 2008 11:46, kssingvo at suse.de said:
> >
> > > But I noticed that gpg1 could support old PGP keys, if module idea is
> > > added. On the other side gpg2 it seems that gpg2 is capable to support
> >
> > I wonder why you ask. It is not possible for SuSE to include any such
> > support for an outdated, useless and patented cipher algorithm.
>
> Thats our problem: we cannot support/distribute algorithms with a
> patent-fee. :-)
>
> But I think, I should have deleted my .signature, as I was speaking
> out of personal interests and not for my company. Please note either
> that SUSE Linux dropped the support for gpg1 since 10.3 (Oct 2007),
> and is shipping gpg2 only now. Sorry for my mistake.
>
> The reason is that people came every then and a while to me and ask me
> how to use the exact algorithms, why Phil Zimmerman got accused for
> their release in the Usenet.
In that case, shouldn't you be pointing them to BassOmatic? ;)
http://en.wikipedia.org/wiki/BassOmatic
> As it is still not known how to break RSA and IDEA, people still
> want only to use (insist on?) algorithms the NSA showed the only
> time nervousness in the past.
This is silly. IDEA has not been broken, but then neither has 3DES.
3DES (1978) has been studied a lot longer, and withstood far more
attacks than IDEA (1991).
David
More information about the Gnupg-devel
mailing list