comments wanted on gbde
Ivan Krstic
krstic at fas.harvard.edu
Sat Mar 5 13:24:55 EST 2005
Steven M. Bellovin wrote:
> With
> the author's consent, I'm soliciting opinions from this group about it:
>
> http://phk.freebsd.dk/pubs/bsdcon-03.gbde.paper.pdf
I just gave the paper a quick read and am hoping this is not meant for
production use. The key problems to me appear to be that:
- the paper claims added security through the added complexity, when
that's almost always untrue
- standard algorithms are used for things they weren't meant to be used for
- the numbers for the amount of work to break this seem suspect
(although, again, I only gave them a quick read)
Did PHK even solicit proper reviews before implementation? This looks
like another case of a programmer - in this case, a really smart
programmer - who decides to roll his own cryptosystem with no input from
the crypto community. Terrible Idea. He would have likely been better
off using, say, straight AES256 for the whole disk, without any of his
own bells and whistles.
Cheers,
Ivan.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list