Re: Algorithms to generate permutations

Crypto_at_S.M.S
Date: 08/04/05


Date: Thu, 04 Aug 2005 19:41:12 +1000

BRG wrote:

> Crypto@S.M.S wrote:
>
> [snip]
>
>>>There are a few (typically specialist) applications where this extra
>>>protection can be valuable, an example being situations where protection
>>>is needed for several decades or more.
>>
>>CryptoSMS is one such "specialist" application.
>
>
> I took a quick look at your web pages and I don't see anything to
> suggest that CryptoSMS is a specialist application. It is a general
> purpose product that attempts to add security to SMS messaging.
>

It is "specialist" in that it only runs on PocketPCs and SmartPhones.

>
> Quite apart from the security problems raised by others, it lacks
> important characteristics that I would expect to see in a specialist
> high security product intended for such use.
>

What are these "important characteristics"?

Please remember that CryptoSMS has some special design considerations,
such as, not saving any key material on the host system.

>
>>>In consequence it is sad to see that some here who are making the case
>>>against multiple encryption in this context end up weakening their
>>>position by deploying spurious arguments.
>>
>>Yes, these spurious arguments have been extremely weak, yet
>>the denizens of Sci.Crypt have been tolerating these thus far.
>>Thanks for coming forward to point that out.
>
>
> My view on this is that most have long since given up any interest in
> this thread since it is dominated more by 'heat' than 'light'.
>
> Brian Gladman

Yes I agree there is much more heat than light.
Unfortunately.



Relevant Pages

  • Re: crypto sms [was: two children trading insults]
    ... Exactly the reason for using more than ... hashes are defeated on a scarily dependable basis. ... The next layer in the CryptoSMS stack ... > instead you simply remove security. ...
    (sci.crypt)
  • Re: crypto sms [was: two children trading insults]
    ... And yet you persist in relying on the security of each of them as ... > find a simultaneous collision in all six hashes at once. ... > the research done on removing keys. ... > important issue to CryptoSMS designers and users alike. ...
    (sci.crypt)
  • Re: crypto for Joseph Ashwood?
    ... >> times whether it is the WEP attacks which relied on a broken way to ... CryptoSMS is. ... many advantages over the shared passphrase model primarily in the security ... cryptography the compromise of a single person leaves the rest of the ...
    (sci.crypt)
  • Re: Algorithms to generate permutations
    ... >> purpose product that attempts to add security to SMS messaging. ... a design document including a threat model, ... Risible claims of 1000's of bits of cryptographic protection in software ... products such as CryptoSMS serve only to discredit those who make them. ...
    (sci.crypt)