Where could I ask a general question about encryption not specific to gpg?

J. Scott Edwards j.scott.edwards.nwos at gmail.com
Fri Jun 27 16:12:16 CEST 2008


I was wondering if there was someplace I could ask a question about
encryption not specific to gpg?

I have a project I have been working on for several years (it is
nowhere near complete).  A few days ago I accidentally ran across this
page on SourceForge:
and I was not even sure if my project fell into that category.  (I was
not developing the project specifically to encrypt data, it was just
that I wanted the data it was storing to be encrypted.)

So I contacted the Software Freedom Law Center
http://www.softwarefreedom.org/ to see if they could advise me.  I
talked to them and they said the government would not be concerned
with my project at this time because it just uses "weak encryption" on
top of "strong encryption" and the strong encryption comes from a
library and is not part of my project.  That is cool, I was quite

But then I started wondering about the "weak encryption" part.  What I
do is after it gets encrypted with the normal library encryption, I
reorder the bytes.  (The attorney said this was the "weak
encryption".)  So I started wondering if it is worth doing this at all
(it was fairly easy to do)?  My theory was that since there are 248
bytes that the possibilities would be 248! which I spent a little time
trying to calculate but all of the things I tried overflowed
eventually and I didn't want to take the time to write a program to
calculate the whole number.  Since the numbers I got were pretty big
and I was a long way from 248, I assumed that it was pretty large.

Anyway, I'm sorry, I didn't want to this to get this long.  I was just
wondering if anyone could point me to somewhere or someone that could
explain why reordering would be weak and if it is worth doing at all.


More information about the Gnupg-devel mailing list