faramir.cl at gmail.com
Wed Sep 24 07:20:34 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Robert J. Hansen wrote:
> Faramir wrote:
>> I think I will add some more algos, to avoid using 3DES (while it
>> should be safe enough... I don't like the solution "let's do it 3 times")
> Not to ask a dunce question here, but why not?
I will tell the truth: because some of my likes and dislikes are not
based on rational arguments...
Ok, let me say something on my behalf: in my experience, when
something doesn't work as well as expected, and people say "well... let's
do it 2 times, that should work", usually that leads to something that
works, but it is not as good as it could be... An example: I decided to
back up my private keyring in a remote backup... a free host. I put a
private folder, and encrypted the file 3 times, with different
encryption utilities, and different passwords. But I don't "feel" it is
the best solution... probably I should have stored them on a pendrive,
and stored it in my grandparents' house. Now, my keys don't control the
launch codes for ICBMs, so I don't need more protection... but if they
were "important", probably I should look for a better solution.
> "3DES. Nothing else even comes close." Sure, use AES for new crypto
> software, but if you absolutely _must_ have the most overdesigned,
> overbuilt thing out there...
Well, if an expert says that, I have no other choice than to trust
it, until another expert says something different.
> It is big, clumsy, ungainly and slow. It has all the aesthetic values
> of the Soviet Realism school of art, and processes data about as fast as
> a snail coming off a three-day scopolamine trip.
Well... that sums up what I would expect from something designed to be
applied once, and "fixed" by applying it 3 times... but again, I admit
my expectations come from an irrational base. If it was my job to
decide what algo to use for some serious thing, I would stick to the
hard facts... but it is not the case with _my_ key.
> And it is still beating up every cryptanalyst out there and stealing
> their lunch money.
If it couldn't do that, it would be deprecated... I know all the
encryption algos provided by GPG are safe enough... but I can't use
them all... and if one of them is big, clumsy, ungainly, and with poor
aesthetics, that one will be the one I won't _prefer_ to use.
> If you don't like 3DES because it's slow, okay, fine, I can respect
> that. But objecting to "let's do it three times" is nonsense. Do you
> object to Blowfish because it does it 16 times?
The thing I dislike about "let's do it 3 times" is it was not designed
to be used that way... using it 3 times is the solution to the "it is
not secure enough" problem. In other words, I get the impression 3DES is
a "patched" DES. And other algos are not patched... or at least, not so
obviously patched (I can't be sure whether they are patched or not).
But although I don't like it, it is good to know the ultimate
compatible algo in OpenPGP is also the most secure of all...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----