*BSD News Article 63313


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mel.connect.com.au!munnari.OZ.AU!news.hawaii.edu!ames!agate!howland.reston.ans.net!gatech!news.mathworks.com!tank.news.pipex.net!pipex!dispatch.news.demon.net!demon!giskard.demon.co.uk!dale
From: dale@giskard.demon.co.uk (Dale Shuttleworth)
Newsgroups: comp.os.linux.misc,comp.os.linux.development.system,comp.os.linux.networking,comp.unix.bsd.bsdi.misc,comp.unix.bsd.netbsd.misc,comp.unix.bsd.freebsd.misc
Subject: Re: need secure OS to entrust millions to
Followup-To: comp.os.linux.misc,comp.os.linux.development.system,comp.os.linux.networking,comp.unix.bsd.bsdi.misc,comp.unix.bsd.netbsd.misc,comp.unix.bsd.freebsd.misc
Date: Mon, 11 Mar 1996 17:19:42 GMT
Organization: Dale's home Linux box.
Lines: 37
Message-ID: <Do45Gu.1y@giskard.demon.co.uk>
References: <4gi6t6$3h9@lace.colorado.edu> <1996Feb25.152559.8977@jarvis.cs.toronto.edu> <4gvchb$ln5@senator-bedfellow.MIT.EDU> <4h7rdd$qeu@park.uvsc.edu> <4hi93v$qas@keltia.freenix.fr> <4hsv73$d3h@park.uvsc.edu>
X-NNTP-Posting-Host: giskard.demon.co.uk
X-Newsreader: TIN [UNIX 1.3 950824BETA PL0]
Xref: euryale.cc.adfa.oz.au comp.os.linux.misc:91043 comp.os.linux.development.system:19119 comp.os.linux.networking:31322 comp.unix.bsd.bsdi.misc:2616 comp.unix.bsd.netbsd.misc:2435 comp.unix.bsd.freebsd.misc:15283

Hi,

Terry Lambert (terry@lambert.org) wrote:
: roberto@keltia.freenix.fr (Ollivier Robert) wrote:

[...]

: ] PK Crypto relies on _secrecy_ of the key (and its size of course, you can't
: ] rely  on 384 bits PGP  keys for example),  not on  the  algorithm itself or
: ] something else you may try to hide. 
: 
: So you are arguing that the product of two prime numbers
: renders the prime numbers themselves "secret".

That seems like a reasonable argument.  Just because the two prime
numbers seem more readily accessible than say a DES key does not
mean that they are easier to recover.

: I claim that since the search space is known, they are "obscure".

Then there are very few systems where the search space cannot be
determined (I can't think of any - if there are, they would have
some rather interesting characteristics).  You seem to be saying
that DES, IDEA, RSA and even the one time pad are all alogrithms
which rely on security through obscurity.

Your argument is quite irrefutible if you don't use the meaning
usually attached to "security through obscurity".

		Dale.

-- 
******************************************************************************
*  Dale Shuttleworth                                                         *
*  Email: dale@giskard.demon.co.uk                                           *
******************************************************************************