Subject: Re: FUD about CGD and GBDE
To: None <>
From: ALeine <>
List: tech-security
Date: 03/02/2005 14:41:06
Again I was left out of the loop by a certain someone who is not
subscribed to, so I apologize for replying
indirectly. wrote: 

> In message <>,
> "Steven M. Bellovin" writes:
> >I don't claim that there's a flaw.  I do assert that I
> >haven't seen a threat model that would justify extra complexity.

What about the threat model I described in my reply to you:

Do not let the 666 at the end scare you. :-)

> It is all sound and true advice about simplicity, but only if we
> don't simplify so much that people do not trust the result.
> As Einstein said: "As simple as possible, but no simpler".

Exactly, and people should stop trying to apply Occam's razor (the
principle of parsimony) in an attempt to justify the simpler approach
when the basic premise for it does not even exist. Occam's razor
favours the simpler of the numerous explanations/solutions for an
observed phenomenon. Here you have two distinct mechanisms that are
not the same phenomenon, even though data is being encrypted in both

Here's an analogy: GBDE is like a jacket with many pockets both on
the inside and the outside, with some secret pockets with keys for
other locked pockets within pockets. If someone steals your jacket
they might be able to pick some pockets, but picking one pocket
will not give you the contents of all the other pockets, nor will
it give you their location. CGD, on the other hand, is like a large
bag, if you manage to get hold of it and open it (the same assumption
as in being able to look inside a regular jacket pocket), everything
inside it is yours. I prefer jackets, they also keep you warm. Besides,
wearing a bag would be silly, but some people might decide it's their
style. :->
