[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 40bit DES?

To: ipsec@tis.com
Subject: Re: 40bit DES?
From: Helger Lipmaa <helger@cyber.ee>
Date: Wed, 13 May 1998 01:50:05 +0300 (EET DST)
In-Reply-To: <199805122121.RAA29440@jekyll.piermont.com>
Sender: owner-ipsec@ex.tis.com

On Tue, 12 May 1998, Perry E. Metzger wrote:

> 40 bit DES *is* having no encryption. Its got only one legitimate
> function -- it will slow your computer down. What's the point?

Correct.
If you need something that is better than plain text but doesn't give a
real encryption, why not use ROT13? 40-bit DES is as slow as 56-bit DES,
that is, not very productive. At the same thime, it will be very easily to
be broken by any hackers who ever _care_ to try. ROT13 is at least faster.

> buy from a company like SSH Communcations Security Oy". The mere fact
> that VENDORS are harmed by this doesn't harm CUSTOMERS. End users get
> to buy from whom they want.

I'm not from Finland and I've no family members there. But I can say, but
no-one here buys any `made in US' security products. These actually cost
here as much as they do in US. Why waste your money? Therefore, I even
can't see any use from stripped down IPSEC to US vendors.

And yes, 40-bit DES is not a goot for testing purposes either... It's
implementation shouldn't differ very much from the 56-bit DES. It would
give a good test-bed for young hackers, tho. :-)

Of course, even down here in provincial Europe, SSH is not the only option
:-).

Helger Lipmaa
http://home.cyber.ee/helger; Phone +372-6542422

References:

Re: 40bit DES?

From: "Perry E. Metzger" <perry@piermont.com>

Prev by Date: RE: 40bit DES?
Next by Date: RE: 40bit DES?
Prev by thread: Re: 40bit DES?
Next by thread: Re: 40bit DES?
Index(es):
- Main
- Thread