If your are more interested in system administration, RFC2196, the "Site Security Handbook" also is a good read. If you are looking for something shorter, try theSecurity-Howto (that's a different document than the Secure Programming for Linux and Unix HOWTO!).
When Feistel invented DES, it (really) used a 64 bit key, but the NSA urged him to weaken the system in such a way that it uses 56 bits of the (seemingly) 64 bit key. This way, they were able to launch brute force attacks (i.e. check all possible keys).
There may be other security holes in DES, but there is no need to exploit them, since brute force definitely is feasible.
Actually, BLIND is just good old substitution cipher, which may protect your data from being read by your six-year-old brother. Anyone else will be able to decrypt "encrypted" data by hand.
Had the author even looked at any crypto-book (e.g. Schneier's "Applied Cryptography" or Menezes's "Handbook of Applied Cryptography"), he'd never posted the algorithm.
What good is free speech if just any old person can change what you said before it arrives to a listener? Why don't you start signing (e.g. using PGP/GnuPG) all your posts? This will not solve the problem, but this way, people will at least know, that they do not read something you posted.
Slashdot Mirror
If your are more interested in system administration, RFC2196, the "Site Security Handbook" also is a good read. If you are looking for something shorter, try theSecurity-Howto (that's a different document than the Secure Programming for Linux and Unix HOWTO!).
When Feistel invented DES, it (really) used a 64 bit key, but the NSA urged him to weaken the system in such a way that it uses 56 bits of the (seemingly) 64 bit key. This way, they were able to launch brute force attacks (i.e. check all possible keys).
There may be other security holes in DES, but there is no need to exploit them, since brute force definitely is feasible.
Had the author even looked at any crypto-book (e.g. Schneier's "Applied Cryptography" or Menezes's "Handbook of Applied Cryptography"), he'd never posted the algorithm.
What good is free speech if just any old person can change what you said before it arrives to a listener?
Why don't you start signing (e.g. using PGP/GnuPG) all your posts? This will not solve the problem, but this way, people will at least know, that they do not read something you posted.