Comparison of GnuPG & NAI/PGP features.

Simpson, Sam s.simpson@mia.co.uk
Wed, 12 Jan 2000 12:20:10 +0000 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> -----Original Message-----

> From: L. Sassaman [mailto:rabbi@quickie.net]

> Sent: 11 January 2000 22:24

> To: s.simpson@mia.co.uk

> Cc: gnupg-users@gnupg.org

> Subject: Re: Comparison of GnuPG & NAI/PGP features.

> 

> On Sat, 8 Jan 2000, Werner Koch wrote:

> 

> > On Sat, 8 Jan 2000, L. Sassaman wrote:

> > 

> > > Not that I use it, but what exactly is wrong with it? Has 

> there been a

> > > successful cryptanalysis, or are you just wary of anything

NSA?

> > 

> > Either Biham or Shamir found a design weekness within a day 

> after the

> > NSA released the code.

> 

> I didn't realise that.


All the Biham / Shamir results on SkipJack are available at:
http://www.cs.technion.ac.il/~biham/Reports/SkipJack/

I think everyone expected SkipJack to be broken after the initial
success, but it would appear that it's actually quite
strong...NSA have a habit of (look at DES, DSA etc) producing
algorithms that are VERY good at doing the job they were designed
for, but can't be extended easily.

SkipJack was meant to protect data with 80-bit keys and it does
this job well - if you change the algorithm at all then you
dramatically weaken it.

AFAIK, there are no attacks better than brute-force on
SkipJack-proper.


> > It is only 80 bits whereas the other algorithms all use 128 

> bit keys.

> > 

> > It is not very fast.

> > 

> > And there is no defined algorithm identifier for it in

OpenPGP.  You

> > noticed the message about experimental algorithms GnuPG 

> prints for it?

> 

> I was aware of the other points... I just wanted to know if you

were

> against it because it ws just generally sucky, or because of 

> some large, particular problem. I don't plan on using it either

case... :)

My main reservation is that the 80-bit key length is considered
marginal at best.  I can see no reason to recommend SkipJack over
3DES for example....


Regards,

Sam Simpson
Communications Analyst
- -- http://www.scramdisk.clara.net/ for ScramDisk hard-drive
encryption & Delphi Crypto Components.  PGP Keys available at the
same site. 

-----BEGIN PGP SIGNATURE-----
Version: 6.0.2ckt http://members.tripod.com/IRFaiad/

iQA/AwUBOHxyMO0ty8FDP9tPEQKciACgnLh22n+dtY6NDxe1jtCQn1YmluYAoI14
3g/Pw2v7TM7Kl66DrKMy835V
=8N5+
-----END PGP SIGNATURE-----