Newsgroups: sci.crypt
Path: msuinfo!caen!zaphod.mps.ohio-state.edu!qt.cs.utexas.edu!yale.edu!jvnc.net!darwin.sura.net!europa.asd.contel.com!uunet!walter!qualcom.qualcomm.com!qualcom.qualcomm.com!karn
From: karn@qualcom.qualcomm.com (Phil Karn)
Subject: Re: Pretty Good (tm) Privacy
Message-ID: <1992Jan24.031136.22994@qualcomm.com>
Sender: news@qualcomm.com
Nntp-Posting-Host: qualcom.qualcomm.com
Reply-To: karn@chicago.qualcomm.com
Organization: Qualcomm, Inc
References: <VLADIMIR.92Jan19174508@ronnie.Eng.Sun.COM> <XoFZeB2w163w@coyote.datalog.com> <15015@ncar.ucar.edu>
Date: Fri, 24 Jan 1992 03:11:36 GMT
Lines: 19

In article <15015@ncar.ucar.edu>, prz@sage.cgd.ucar.edu (Philip Zimmermann) writes:
|> in the real world.  But perhaps you are concerned that the whole
|> package is weakened if we use a hybrid public-key and conventional
|> scheme just to speed things up.  After all, a chain is only as strong
|> as its weakest link.

Actually, a more important issue with respect to PGP is the use of a
"home grown" conventional cryptosystem instead of a standard cipher
like DES. Without casting any aspersions on Phil Zimmerman, the
conventional wisdom seems to be that ANY new cryptosystem should pass
a thorough public review before it is considered for operational use.
It is all too easy to build a cipher and think it's secure, only for
someone to find a method of attack that, in hindsight, is obvious...

Yes, I know that DES is showing significant signs of weakening. But
it's still the devil you do know, as opposed to the one you don't
know...

Phil
