Re: How secure is SSL emails?

From: Guy Macon (http://www.guymacon.com)
Date: 06/29/04

• Next message: Guy Macon: "Re: How secure is SSL emails?"
• Previous message: Markus Jansson: "Re: Hashed password secure?"
• In reply to: Peter Fairbrother: "Re: How secure is SSL emails?"
• Next in thread: Peter Fairbrother: "Re: How secure is SSL emails?"
• Reply: Peter Fairbrother: "Re: How secure is SSL emails?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 28 Jun 2004 18:52:11 -0700

Peter Fairbrother <zenadsl6186@zen.co.uk> says...
>
>Guy Macon wrote:
>
>> Peter Fairbrother says...
>
>>> I don't use RC4 in my designs. I won't even consider it. I don't use RotN
>>> either, and for exactly the same reason. Because they aren't 100% secure in
>>> all circumstances, and I can get a cipher that is.
>>>
>>> Then I don't have to worry about whether the cipher fits the threat model -
>>> which can change.
>>>
>>> I can spend my time worrying about other things instead :).
>>
>> Unless you are using OTP, I don't see how you can possibly justify saying
>> "100% secure in all circumstances [...] I can get a cipher that is." How
>> could you possibly know that this is so? WWhat evidence do you have?
>> What is your reasoning?
>
>There is of course no cipher such that we _know_ that it is secure in all
>circumstances - but there are some ciphers that we can and do _assume_ are
>unconditionally secure.
>
>Actually, such a cipher might be just around the corner, but that's another
>story.

I am having trouble reconciling "Because they aren't 100% secure in
all circumstances, and I can get a cipher that is" and "There is of
course no cipher such that we _know_ that it is secure in all
circumstances". Which is it?
  

• Next message: Guy Macon: "Re: How secure is SSL emails?"
• Previous message: Markus Jansson: "Re: Hashed password secure?"
• In reply to: Peter Fairbrother: "Re: How secure is SSL emails?"
• Next in thread: Peter Fairbrother: "Re: How secure is SSL emails?"
• Reply: Peter Fairbrother: "Re: How secure is SSL emails?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: How secure is SSL emails? ... > Peter Fairbrother says... ... and for exactly the same reason. ... There is of course no cipher such that we _know_ that it is secure in all ... (sci.crypt) A secure hand cipher? ... I have been looking for a way to make a secure hand cipher similar to the ... The "encryption device" is a standard set of scrabble tiles with one ... Text1: From Sherlock Holms ... (sci.crypt) Re: QC-proof cipher? ... to conventional computation techniques, let alone quantum computing. ... one "secure" symmetric cipher too, ... One thing I wonder is people always say this about OTP but what ... is the difference between OTP and a NULL cipher. ... (sci.crypt) Re: triple algorithms ... matching of algorithms I would advise you don't do this. ... AES is secure insofar as nobody has yet found a viable attack for it. ... creating a new cipher out of a collection of others. ... security depends only on the single assumption that factoring is hard. ... (sci.crypt) Re: Which paper and pencil cipher to use ? ... >>> Can someone please recommend a reasonably secure paper and pencil ... >>> The cipher is to be used in an area where electronic methods are ... > practicality, and notes on its practical use from "Between Silk and ... > unbreakable if the running key texts were taken from the space of all ... (sci.crypt)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint