[RC5] [ADMIN] DES-II-2 is over...

Nathan Lutchansky Nathan_Lutchansky at legis.state.ak.us
Thu Jul 23 17:51:06 EDT 1998

On Wed, 22 Jul 1998, R. Kelley Cook wrote:

> >Think of it: if someone could sniff a credit card transaction and have it
> >cracked within three days, they could max that card out and move on to
> >another one! Don't even get me started on what someone could do if they got
> >their hands on government document and records!
> Think of it, somebody could go into the trash can at your local gas
> station and grab the dozens of credit card reciepts that are sitting in
> their and max out all of those credit cards ...  Or the nice checkout
> lady at the supermarket could copy your number down after you handed it
> to her ... or the man who takes your order at L.L. Bean ... or even
> somebody could steal your wallet.
> All of these methods don't cost anything nor a substantial amount of
> time to get a credit card number.
> One of the most overblown "security" issues of the past few years
> involve the potential pilfering of credit card numbers over the
> internet.  There are *much* easier ways of getting them.

Agreed.  Before we start looking for stronger encryption, let's look at
whether we need it.  Or at least, we should consider what benefits it
could provide.

This is why it is so important to bring out the v3 clients.  There is not
a lot we are proving by attempting to challenge RC5-64, other than that
the algorithm is secure enough that it takes 20,000 computers over 5 years
to break it.  I would much rather my spare cycles be used to search for
prime numbers or extraterrestrial life and prove scientists and
mathematicians right; instead of breaking a code to prove that some
government policy is wrong.  -Nathan

To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list