[net.unix-wizards] DES encryption with encrypt

jas@druxy.UUCP (ShanklandJA) (01/13/84)

Doug Gwyn writes:

	The Enigma multi-rotor cipher machine was broken by Allied
	cryptanalysts.  The one-rotor version of crypt(1) is far
	too vulnerable to entrust critical data to.

True.  I wrote that Enigma "served the Nazis so well during WWII"
entirely tongue in cheek, forgetting that neither tongue nor cheek
would make it onto the net.  My apologies.  It is still better
than no encryption at all, and reasonably cheap computationally.

	The modified DES of crypt(3C) is considerably safer, but
	even it is theoretically inadequate for the encryption of
	a large amount of data.  No one should rely on ANY of the
	standard UNIX encryption software to protect life or property.

I'm not qualified to discuss just how safe the DES algorithm is.
I would be interested in finding out what the methods of attack
on DES are, and what kinds of machine resources they require, as
well as what some of the alternative methods of encryption are.
My guess is that under most circumstances, DES is safe enough that
key security becomes the overriding safety issue:  i.e., it would
be easier to tap a phone line over which the key is transmitted or
bribe an employee than to break the code.

My original point, other than to point out the bug in encrypt(3C),
was that whether or not DES is "theoretically inadequate for the
encryption of a large amount of data," it may be *practically inadequate*
in that at 4-5 seconds of VAX 780 CPU time per kilobyte of data to
be encrypted or decrypted, it requires more computational muscle than
many of us can afford to flex.  Another way to look at it is that it
would take about 60% of the VAX's CPU just to keep up with a 1200 bps modem.

		-- Jim Shankland
		   ..!ihnp4!druxy!jas

jla@houxt.UUCP (J.ALBERI) (01/14/84)

Before you try to use encrypt/decrypt for general-purpose encryption,
remember it is intended as a password encryption function.  If you read
the paper on Password security distributed with the UNIX documentation,
you will see that it was specially designed to BE SLOW!  This is great
for password checking, since it means that somebody down the other end
of the terminal line can't program his/her own desktop PC to repeatedly
try passwords until it finds a correct one.  But it makes encrypt/decrypt
pretty well useless for data encryption.

ron%brl-vgr@sri-unix.UUCP (01/15/84)

From:      Ron Natalie <ron@brl-vgr>

Don't think that DES is slow based on the implementation that comes
with UNIX.  You could probably make it ten times faster rewriting
it more efficiently in C.  Even faster if you went to assembler.

The code tastes fine, but it's ugly.
-Ron