Subject: Re: FUD about CGD and GBDE
To: None <>
From: ALeine <>
List: tech-security
Date: 03/02/2005 18:43:40 wrote: 

> Unfortunately, all these well-intentioned and very intelligent
> people were wrong.  The novel cryptographic modes they designed
> to always be harder to break were in fact sometimes -- in fact,
> in the case of PCBC, pretty much always -- easier to break than
> the boring, ordinary, pedestrian constructions they were meant
> to replace.
> And after all those well meaning and clever people got burned
> over the years, the consensus of the community of experts (as
> I percieve it, anyway) gradually became that novel cryptographic
> constructions should not be used in implementations until they
> had been extensively studied over a period of many years by
> experts.

At any time half of all the people are wrong about something, it's
only a matter of time when your time will come to be in the wrong
half or rather the right half to be wrong. That stops neither half
from going forward and doing what they feel is right.

Just because there is a tendency for new cryptographic systems to
be broken does not mean this applies to GBDE, otherwise anything
new would be considered wrong and we might as well stop even trying
to innovate. Give GBDE a chance.

GBDE is not replacing anything because there was nothing like it to
replace in the first place.

Also, there is a catch 22 situation with studying things without using
them. The longer you study something without using it the less likely
it is to make it into production, the world is not waiting for anyone.
GBDE is here, you can analyze the design and the code, when you do a
formal analysis let us know, shouting "It's new, it must be bad!" is
not an argument.

> Those who do not know the mistakes of the past are doomed to
> repeat them.

Those who are afraid of making mistakes are sentenced to regretting
that mistake and living in the past.

WebMail FREE