Re: Encryption
- Subject: Re: Encryption
- From: Kyle Moffett <email@hidden>
- Date: Fri, 2 Jan 2004 13:29:13 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Jan 01, 2004, at 21:08, Robert Tito wrote:
> Hi Shawn
> Because our product is registered I can't go into much detail but we use
> polymorphic asymmetrical encryption. (with another tag upon which I cannot
> elaborate)
> Together that leads to the mathematical chance of 1:10^1256 for a 1 MB file.

So you are saying that you won't reveal your algorithm to anyone unless they first purchase a copy of your application? All of the popular security-related algorithms used today (EX: RSA, AES, SHA) are publicly documented and described, yet for any reasonable key length they have not been found to be crackable. I took a short cryptography course recently, and we explored the properties of RSA encryption using primes, and unless you can factor 512-bit numbers in any reasonable period of time RSA is unbreakable. That invulnerability can be mathematically proven. I have read many security-related books that all state "Security through obscurity is no security at all," yet many companies seem to focus on complex and convoluted algorithms merely because they seem hard to crack. The books that I have read state that it is unwise to use any form of encryption for which the algorithm is unavailable because "it is a trade secret" or "it would be less secure." Any reasonable algorithm should be able to hold its own just as well even if everybody knows how it works.

For example, NIST requested submissions of encryption algorithms to be compared for the position of AES (Advanced Encryption Standard). The whole process was public; anyone could review the algorithms on their own to draw their own conclusions. NIST chose the Rijndael algorithm with public support. More info can be found here:

AES Home Page <http://csrc.nist.gov/CryptoToolkit/aes/>

Cheers,
Kyle Moffett
- -----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM/CS/IT/U d- s++: a16 C++++>$ UB/L/X/*++++(+)>$ P+++(++++)>$
L++++(+++) E W++(+) N+++(++) o? K? w--- O? M++ V? PS+() PE+(-) Y+
PGP? t+(+++) 5 X R? tv-(--) b++++(++) DI+ D+ G e->++++$ h!*()>++$ r
!y?(-)
- ------END GEEK CODE BLOCK------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)
iD8DBQE/9bh5ag7LSGnFq10RAsfTAKDUeMnwdrd4ugrMAen1BSS7+qaR8ACfRGeJ
QfVYvOvPWpND2jJ8plccNbA=
=uLU6
-----END PGP SIGNATURE-----