Full Disclosure mailing list archives
Re: RE: [ISN] DARPA pulls OpenBSD funding
From: yossarian <yossarian () planet nl>
Date: Sun, 20 Apr 2003 17:05:22 +0200
is getting really hard. Anyway, underneath it is probably US anyway.
Another
customer decided to get rid of american crypto software, since he is
afraid
of economic espionage by No such 'n such Agency, helping his us based competitors. The Brussels incident didn't really help here.These
politically
So, what does he use for UNIX password encryption; MD5 (Ron Rivest, USA) or Blowfish (Bruce Schneier, USA)? For PGP hashes?
IDEA is russian, and the password hashes are not obvious to him, so no issue yet. But moving to IDEA is a distinct possibility - the PGP used already is IDEA, but also MD5. Viz-a-viz Blowfish - having to decide on what block cipher is interesting, we are to move to AES, - belgian, made by these very friendly people in Leuven. The fact that the US adopted it, does not make it US. Belgium being a strong opposer to Bush' politics makes it a very good possibility. Will look in these people's other work as well, SHARK and SQUARE. - but ah, implementations... any cryptosystem out there uses a combination of ciphers for its various roles, so going around MD5 or SHA will be harder, SHA being NIST stuff.but I need a MAC.
It's a little difficult to completely avoid US products in the encryption field. And if your response is along the lines of "Open Source, can't hide anything", I'll save time and summarize my rebuttal now; DES, Differential Cryptanalysis, NSA, 20 years.
DES was built, when the Lucifer-project was partly manned by them, all they did was withhold the weakness found for 12 years. And no, i am not an open source kind of person, but i feel it is being forced on me by circumstances. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: RE: [ISN] DARPA pulls OpenBSD funding, (continued)
- Re: RE: [ISN] DARPA pulls OpenBSD funding pandora (Apr 20)
- RE: RE: [ISN] DARPA pulls OpenBSD funding Ed Carp (Apr 20)
- RE: RE: Rijndael Timmah (Apr 20)
- Re: RE: Rijndael yossarian (Apr 20)
- Re: RE: Rijndael Timmah (Apr 20)
- Re: RE: Rijndael Ben Laurie (Apr 20)
- Re: RE: Rijndael Steve Poirot (Apr 20)
- Re: RE: Rijndael Ben Laurie (Apr 21)
- RE: RE: [ISN] DARPA pulls OpenBSD funding Mads Tansø (Apr 20)
- Re: RE: [ISN] DARPA pulls OpenBSD funding Shawn McMahon (Apr 20)
- Re: RE: [ISN] DARPA pulls OpenBSD funding yossarian (Apr 20)
- Re: RE: [ISN] DARPA pulls OpenBSD funding Codex (Apr 20)
- RE: RE: [ISN] DARPA pulls OpenBSD funding Paul Schmehl (Apr 19)
- RE: RE: [ISN] DARPA pulls OpenBSD funding Denis Dimick (Apr 19)
- RE: RE: [ISN] DARPA pulls OpenBSD funding Curt Purdy (Apr 19)
- Re: RE: [ISN] DARPA pulls OpenBSD funding Shawn McMahon (Apr 20)
- RE: RE: [ISN] DARPA pulls OpenBSD funding Curt Purdy (Apr 20)