launching an executable which he received by email. If an external tool is required, you might as well rely on a tool which has been thoroughly analyzed for security, both in the format specification and the implementation in other words, as suggests: GnuPG.Īs for self-decrypting archives, they are all wrong, since they rely on the user doing exactly what should never be done, i.e. However, such Zip files will not be opened by the stock WinXP explorer. Now, if you use a tool which supports the newer, AES-based encryption, things will look better, provided that the format and implementation were not botched, and the password has sufficient entropy. Phil Katz was very good in his domain, but the best cryptographers in the world will tell you that it takes much more than one extremely good cryptographer to make a secure algorithm - it takes many cryptographers who feverishly propose designs and try to break the designs of the others, for a few years, until a seemingly robust design emerges (where "robust" means "none could find the slightest argument to support the idea that they may, possibly, make a dent in it at some unspecified date").
0 Comments
Leave a Reply. |