It's a Presidential Mandate, Feds use it. How come you are not using FDE?
Saqib Ali
docbook.xml at gmail.com
Thu Jan 18 11:50:48 EST 2007
Since when did AES-128 become "snake-oil crypto"? How come I missed
that? Compusec uses AES-128 . And as far as I know AES is NOT
"snake-oil crypto"
Closed-source doesn't mean that it is "snake-oil". If that was the
case, the Microsoft's EFS, and Kerberos implementation would be "snake
oil" too.
I think you are mistaken on the definition of "snake-oil crypto".
Snake-oil crypto refers to "New mathematics", "Proprietary
cryptography", and "Pseudo-mathematical gobbledygook"....
Please see the following URL for more into on snake-oil crypto:
http://www.schneier.com/crypto-gram-9902.html#snakeoil
saqib
http://www.full-disk-encryption.net
> If I have data that's valuable enough to need encryption, I'm going
> to be nervous trusting it to closed-source software. How do I know
> that Compusec's cryto is done properly? As Bruce Schneier has
> famously said, to the user snake-oil crypto looks just like good
> crypto -- both scramble the bits enough to look "random" to the eye.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list