Matt Blaze (mab@crypto.com)
Sun, 04 Apr 1999 05:10:01 -0400
I normally wouldn't waste my time on this, but since Bruce already took
the bait, I'll bite, too.
Mr Alten, your company's misuse of standard terminology and invention of
new terminology for existing, well-understood concepts suggests one of two
possibilities. One is that your company doesn't understand the field,
while the other is that your company believes that it is in its best
interest to obfuscate the nature of its products from its potential
customers. Neither bodes well.
Alten@Home.Com writes:
> At 09:13 AM 4/2/99 -0600, Bruce Schneier wrote:
> >
> >You are free to consider it to be what you like, but you have to understand
> >that you will continue to be ridiculed in the community. RC4 is an OFB
> >stream cipher. So is whatever-it-is that you use.
> >
>
> You are right, we have been ridiculed in the community. Your news letter
> and web site have been prominent in stating that it is "snake oil". And,
> as a fact, our early implementation efforts have had less strength than we
> had originally estimated. However it is a fundamental cipher, and if we
> fail to come up with a way to generate and manage the random pad bytes
> properly, then someone else will. In the 80 years since Gilbert Vernam
> invented it a lot has happened. The broad technology trends are acres of
> memory, lots of cheap microprocessors, and a sea of network availability
> and bandwidth. Together these make a practical, efficient implementation
> of it possible. Within 20 or 30 years it will probably dominate products
> using cryptography, pushing PK and block ciphers into niche areas.
I must admit you've lost me here. There *are* standard ways to "generate
and manage" keystream bits. That's what a stream cipher does. It's a
solved problem.
Perhaps you think you have a better stream cipher. If so, then tell us
that that's what you have, and why you think it to be so. You're only hope
of being taken seriously at this point is by publishing your design in the
standard cryptographic literature, after you've figured out where it fits
in among the previous work.
But to claim a keystream generator solves a previously unsolved new problem
just makes you look like a bunch of fools. You're being taken just as
seriously as you would be if you claimed to have a new invention that
solves the problem of transmitting the human voice over wires (also a
problem of some importance to the employer of Vernam and Shannon).
The following archive was created by hippie-mail 7.98617-22 on Thu May 27 1999 - 23:44:20