On Sun, Apr 01, 2007 at 03:31:41AM -0400, mark at mark.mielke.cc wrote:
> A secret key is a secret key. However encoded it is, or however black
> boxed it is. RES-RSA is obscure. It is not secure. Sometimes obscurity is
> enough. In this case, my point was, that it must be enough. It isn't possible
> to secure the system unless you control all points at all times.

RES-RSA neither obscures nor secures.  It obfuscates using a published
transformation algorithm.  Your original response implies that PKC is
the "real problem" with the Netrek binary verification system, but I
contend that that is not true.  The "real problem" is the multiple
vectors of attack in circumventing RES-RSA, not breaking the functional
transform or reverse engineering the key.  If you are claiming that the
functional transform used in RES-RSA is cryptographically weak and is
easily reversible, I'd like to read your analysis because I have a
passing interest in cryptography.