Dave Del Torto (ddt@LSD.com)
Tue, 6 Oct 1998 11:38:43 -0700
At 6:45 am +0200 981006, Anonymous wrote:
>Look at http://www.jawstech.com, and follow the link "Jaws - Security
>Stronghold" which describes the technology. Here you find:
>
>: [elided]
>:
>: For a message scrambled with 40-bit key encryption, it would take
>: 1,099,511,627,776 guesses to decrypt it, according to Robert Kubbernus,
>: CEO and chairman of Jaws, in Calgary, Alberta. For a message encrypted
>: with a 4,096-bit key, there isn't even a name for the number of guesses
>: it would take, he says.
Actually, I think it was named "Leonhard" and lived outside Konigsberg. ;)
>: "For a 56-bit key, there are 72 trillion combinations," Kubbernus
>: says. "For 4,096-bit key encryption, there are 411 commas in the number
>: that represents the number of combinations. We are way past the last
>: scientific number defined."
Someone should give Kubbernus the "411" on (Ronald) Graham's Number (c.f.
the Guinness Book) before he performs another pedal-oral insertion. This is
the sort of slick schpiel one might expect from a SO salesman (though I'm
not calling him one yet). Combined with their lawyers preventing us from
hearing from the designers of the cipher, the package smells kinda skunky
... at least right now.
That having been said, lets make the JAWS guys welcome: if there's merit to
what they're doing, they'll deliver technical details about their cipher
and their implementation -- with alacrity. If they can't divulge technical
details to Usenet right now because of their patent lawyers (gee, I've
never heard that excuse before), they need to at minimum deliver their
technology into the hands of a small group of trusted cypherpunk reviewers
under NDA.
They are also invited to send a representative to any Cypherpunk physical
meeting, so that the attendees can report back to the list(s) about their
impressions. The next Bay Area/Silicon Valley meeting is this Saturday 10
Oct, 12 noon - 6pm: email me for further info. BTW, JAWS: I don't recommend
sending a marketing person or CEO to swim with cypherpiranhas, unless you
only need the swimsuit back: send your cryptographer(s).
If they don't do any of those things, then they're fair game and we can do
what we do best: hunt them down and show them the pointy end of the stick.
If they can't justify the fancy claims they've made, the dual-use
disinfectants ("air and sunshine") will reveal that they're a big fat Zero
that can't be trusted/used by competent security professionals. If the
marketing people at JAWS think they can get by in the crypto business
without the endorsement of the cypherpunk community, they should go sell
anti-virus software.
Either that, or their scam is to sell enough of this stuff to make back
their investment, then pack up the wagon and disappear to the next frontier
town in the middle of the night, just like a... well YOU know...
OK, JAWS: you've stepped up to the plate: swing at this pitch or get off
the field.
dave
____________________________________________________________
"I prefer a real whorehouse to The Theatre." -Dorothy Parker
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:15:20