<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: cipe-l,AT,inka,DOT,de
Subject: Re: About P.Gutmann's critique of CIPE - etc. etc.
From: Allan Latham <alatham,AT,flexsys-group,DOT,com>
Date: Fri, 26 Sep 2003 15:51:35 +0200
In-reply-to: <1064581151.426.114.camel@eris>
References: <003901c38425$3fcf1c20$d620a8c0@pcw_hans.hnsasd.priv> <1064581151.426.114.camel@eris>

Hi all

it really is time for you all to ponder on the simple fact that all human 
creations are flawed in some way or other. In some cases we can see the flaws 
in others they remain in darkness until they come to bite us at the least 
appropriate time.

A brief summary:

CIPE has a small code base and a record of stability.
CIPE employs a crypto design which is easy to understand and audit.
CIPE has know theoretical weaknesses with so far as we know of no exploits.

IPsec has a huge code base and depends on libraries written by different 
than those who wrote IPsec.
IPsec has a complex crypto model that few are capable of analysing.
IPsec is believed to be secure. (i.e. no one has found the weakness yet).

Please bear in mind that none of the crypto behind either of these products 
proven to be secure on a mathematical basis. Only one time pads are known to 
be secure.

As a user of one of the above you must decide where the greatest risks lie.

Do they lie in a successful attack on the cryptography used in CIPE?
Do they lie in the complex model or the huge code base of IPsec?

Correct me if I'm wrong but every successful attack on a crypto product 
than genuine snake oil stuff) has been by exloiting progam bugs not by clever 

You pay your money (OK - so it's free) and take your choice.

Until someone can detail to me a real weakness in CIPE that is capable of 
being exploited I prefer this "rather old" workhorse.

My money says there will be a program bug breakdown of one or other IPsec 
implementation before there is a similar failure in CIPE.

Have a fine weekend everyone


<< | Thread Index | >> ]    [ << | Date Index | >> ]