[rc5] Why do we do this?

Kevin van Haaren KvanHaaren at HNTB.com
Fri Oct 31 20:26:21 EST 1997


I've seen this subject broached a couple of times and it usually boils
down to: "to show the goverment we need stronger encryption".  This is
bull.  The goverment WANTS weak encryption (soon they'll want us to
remove the locks on our house to make searches easier).  The amount of
time it took us to break RC5 probably tells them that RC5-56 is TOO
STRONG.  They'd actually have to spend money to crack RC5 - something
they don't want to do.  Remember we had the advantage of a known phrase
at the beginning of the message, this makes decrypting significantly
easier.  Decrypting a totally unknown message requires dictionary
lookups to verify a "possible" hits.  This means more cycles.

So why do this?  To show the rest of america/the world why we need to
tell the goverment(s) to stick it.  Right now most people on the
internet are worried about their credit card numbers getting stolen.  We
need to remind them that goverment restrictions on encryption affect all
information about them: medical, insurance, that dirty message you wrote
to your wife, etc....  If we don't put restrictions on access to
information (using encryption to enforce the restrictions) blatent
misuse is going to skyrocket.

Want an example - the IRS (for you global people, our tax agency has
recently been raked over the coals for abuses such as employees checking
records on neighbors, celebrities, etc....).  Sure they may enact rules
against such behavior, but with STRONG encryption they may actually be
somewhat enforced.  Perhaps double-encryption that requires two private
keys to get in.

So the more people we get involved the better informed THEY'LL be and
can help spread the word.

Sorry, I'm done ranting now (I do feel a little better).

Kevin van Haaren
I had a cool sig, but I lost it
----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list