
Re: weak encryption



On Thu, 11 Nov 1999, dave madden wrote:

> I've been wondering whether weak encryption is, in fact, worse than no
> encryption.  Certainly any particular message would fall easily, but
> would it still be possible to do bulk traffic scanning if every
> message was encrypted with some 40-bit algorithm?  At the very least,
> messages that now stick out by virtue of the fact that they're
> encrypted should blend in better.  Would you still be able to pick out
> the interesting targets if everything was encrypted?

From a mathematical standpoint, yes you are right: shitty encryption is
not as bad as no encryption.. however, by and large, humans are not
mathematical. 

Widespread usage of shitty crypto is bad because it gives people a false
sense of security. People will think they have privacy and reveal secrets
that they may not if there was no crypto. People will think "hey, 40 bits
must be enough.. EVERYONE is using it" and we'll never get actual GOOD
crypto in place. 

Michael J. Graffam (mgraffam@idsi.net)