Newsgroups: sci.crypt Path: cactus.org!cs.utexas.edu!math.ohio-state.edu!jussieu.fr!univ-lyon1.fr! + swidir.switch.ch!scsing.switch.ch!news.dfn.de!news.belwue.de!zib-berlin. + de!netmbx.de!Germany.EU.net!EU.net!uknet!festival!dcs.ed.ac.uk!pdc From: pdc@dcs.ed.ac.uk (Paul Crowley) Subject: Re: Block Mixing Transformations Message-ID:Sender: cnews@dcs.ed.ac.uk (UseNet News Admin) Organization: Edinburgh University References: <1994Mar13.051515.27175@cactus.org> <2m7ong$6vr@news.umbc.edu> + <1994Mar16.222350.179@cactus.org> Date: Thu, 17 Mar 1994 11:08:02 GMT Lines: 85 Quoting ritter@cactus.org (Terry Ritter) in article <1994Mar16.222350.179@cactus .org>: > Why use Penknife? > 1) Most businesses and even some individuals take patent > infringement seriously. Penknife is offered by the > patent holder. ViaCrypt PGP is offered by people licensed to use both patents involved. > 2) Most businesses and even some individuals prefer to pay > for software, to get some level of seriousness and > accountability in products they depend on. I have usually found free software as widely available as PGP to be more reliable and solid than commercial products, simply because the source has undergone such extraordinary scrutiny and widespread testing by knowledgeable and demanding users. And if you buy from ViaCrypt you'll get their professional commitment to the software they sell. > 3) Penknife includes a distributable commercial-demo form-- [snip] What's the point? If you don't know what a cryptosystem does, why are you buying one? You don't use commercial demos to evaluate strength. > 4) Penknife does not create ciphertext blocks that scream > out "I am in cipher; I am PGP; take me, I'm yours." Free software exists to convert PGP to several steganographic formats, including embedding into JPEG. [5) PGP allows the use of unvalidated public keys] Validated by who? PGP has an highly sophisticated and flexible key signing system, certainly suitable for any application I can think of. [6) Private key cyphers are sometimes good] What's the point? They'll never be as convenient as public key systems. [8) Advanced Penknife supports central key-management] ...which is pretty much against PGP's design philosophy! [7) and 9) Advanced Penknife has various features] ...that PGP also has. [10) Advanced Penknife supports sending large binaries on the Internet] A palpable hit! PGP isn't yet designed to work as an expensive version of tar and uuencode, no. Thanks, but for all these "features" you're asking us to give up the well-understood security of PGP. I know where my money is---except of course I didn't spend any... (from another post) > But since this is apparently the sole remaining issue of > disagreement, my thanks to Crowley for conceding [...] Don't be silly. I don't always go in for point-by-point refutations like this, that's all. >>In the way you format your articles, you give yourself airs. > > The way I format my articles shows that I've spent more than > five minutes on the project. It organizes the thoughts. It also > provides references to, and indication of, the sources I had. I'm all in favour of putting work and research into articles posted here. But there's no point in, for example, giving an article an abstract when it will disappear from everyone's news spools in a few days. Usenet is a transitory medium, and so it simply isn't suitable for the sort of "papers" you want to post to it. It would make more sense to make the paper available by FTP or WWW and post a URL so that it will last for more than a week. > That is Science. I recommend it. No it isn't; it's just pomposity. __ _____ \/ o\ Paul Crowley pdc@dcs.ed.ac.uk \\ // 42A47697 54144EA4 BACFA9FD C9433347 /\__/ Trust me. I know what I'm doing. \X/ WWW: http://tardis.ed.ac.uk/~pdc/