Re: Definition of Military / Government grade ciphers

From: Sean Dougall (sean_at_space-pirates_HATE_SPAM.org)
Date: 05/29/03


Date: Wed, 28 May 2003 22:17:42 -0400

majikcypher wrote:
> Most of the different ciphers I use to encrypt my files are labeled as
> "Military Grade" or "government Strength". But exactly what does this
> mean (and NO I don't mean do they USE the type of encryption because
> that is sort of obvious and I know that it means that it passes their
> little test of how good it should be but I want to know exactly how
> good it has to be to be given this name)? Also what do you think are
> the strongest algorithms (publicly). I like Blowfish and Rijndael.

Here's a theory I'd tend to trust...

"Many crypto vendors claim their system is ``military grade.'' This is a
meaningless term, since there isn't a standard that defines ``military
grade,'' other than actually being used by various armed forces. Since
these organizations don't reveal what crypto they use, it isn't possible
to prove or disprove that something is ``military grade.''

"Unfortunately, some good crypto products also use this term. Watch for
this in combination with other snake oil indicators, e.g., ``our
military-grade encryption system is exportable from the US!'' "

(Source: http://www.interhack.net/people/cmcurtin/snake-oil-faq.html)

Sean Dougall


