a typical example of good encryption alg on a bad place . but the users sees the "2048 bit RSA" and they get on the hook . -- Javor Ninov aka DrFrancky securitydot.net Valdis.Kletnieks@xxxxxx wrote: > On Wed, 05 Jul 2006 20:07:44 BST, n3td3v said: >> Read more folks, now we can talk about Google and Yahoo without using Tor >> www.digg.com/software/World_s_Most_Secure_Instant_Messenger_is_here_!! > > Tell me - were any of the Digg votes for that from anybody who had actually > done a code review? Or they just saw "2048 bit RSA" and got woodies? > > (Personally, I wouldn't want to be using 2048 bit RSA for the actual > stream encryption - that's something that IDEA or similar is much better for. > RSA is good for exchanging the IVs for the session keys, and that's about > it. And anybody want to place bets that it has tons of interesting attacks > on key management?) > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/