On Wed, 05 Jul 2006 20:07:44 BST, n3td3v said: > Read more folks, now we can talk about Google and Yahoo without using Tor > www.digg.com/software/World_s_Most_Secure_Instant_Messenger_is_here_!! Tell me - were any of the Digg votes for that from anybody who had actually done a code review? Or they just saw "2048 bit RSA" and got woodies? (Personally, I wouldn't want to be using 2048 bit RSA for the actual stream encryption - that's something that IDEA or similar is much better for. RSA is good for exchanging the IVs for the session keys, and that's about it. And anybody want to place bets that it has tons of interesting attacks on key management?)
Attachment:
pgpcVcylkYMr8.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/