Perry E. Metzger (perry@piermont.com)
Wed, 24 Jun 1998 12:14:01 -0400
> [TEA]
> > SAFER doesn't strike me as a good idea, but TEA *really* doesn't
> > strike me as a good idea.
>
> Why not? I need a *simple*, *lightning* fast crypt, without setup
> overhead. Strength is important but only for "domestic" attacks, since
> each register is crypted using its unique "user provided but server
> generated" key. In fact we are using only 64 bit keys, with up-most 64
> bits set to 0. The users already have a hard time remembering 12 random
> chars (64 bits coded as two 32 bit base64).
I think, based on what you are describing, that the algorithm you need
is ROT13.

More seriously, you are violating lots of design criteria that someone
experienced with building secure systems would not be shirking
at. Things like using a password to generate a key instead of having
the user remember the key, for example. Things like actually
understanding what "key setup overhead" means in practice (in general,
it is ignorable unless you have an unusual application and it sounds
like you don't.)

I hate to say this, but I'm frightened for your users.

Perry
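
The contrast raised in the message above, as an added example that is not part of the original mail or written by either correspondent: the quoted scheme (12 memorized base64 characters filling only the low 64 bits of a 128-bit TEA key) beside a key derived from a passphrase. PBKDF2-HMAC-SHA256, the iteration count, the byte order and all function names are assumptions chosen for illustration.

```python
import base64
import hashlib
import os

KEY_BYTES = 16  # TEA uses a 128-bit key


def key_from_memorized_chars(chars12: str) -> bytes:
    """Quoted scheme: 12 base64 chars (two 32-bit words) form the low 64 bits
    of the key; the upper 64 bits are zero. Byte order here is an assumption."""
    if len(chars12) != 12:
        raise ValueError("expected 12 characters, 6 per 32-bit word")
    low64 = b"".join(base64.b64decode(chars12[i:i + 6] + "==") for i in (0, 6))
    return bytes(8) + low64


def key_from_passphrase(passphrase: str, salt: bytes,
                        iterations: int = 600_000) -> bytes:
    """Derive all 128 key bits from a passphrase with PBKDF2-HMAC-SHA256.
    The per-record salt is stored beside the record; it is not secret."""
    if len(salt) < 16:
        raise ValueError("use at least 16 random salt bytes per record")
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               salt, iterations, dklen=KEY_BYTES)


def demo() -> dict:
    # Constructed sample values, generated locally for illustration only.
    word_a, word_b = os.urandom(4), os.urandom(4)
    chars12 = (base64.b64encode(word_a)[:6] + base64.b64encode(word_b)[:6]).decode()
    memorized = key_from_memorized_chars(chars12)
    salt = os.urandom(16)
    derived = key_from_passphrase("correct horse battery staple", salt)
    return {"chars12": chars12, "memorized_key": memorized.hex(),
            "salt": salt.hex(), "derived_key": derived.hex()}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:14} {value}")
```

With the derived key, the user remembers a passphrase of any length and the server keeps only the salt next to the record; half of the memorized-characters key is always zero.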