On Sun, Apr 01, 2007 at 03:31:41AM -0400, mark at mark.mielke.cc wrote: > > A secret key is a secret key. However encoded it is, or however black > boxed it is. RES-RSA is obscure. It is not secure. Sometimes obscurity is > enough. In this case, my point was, that it must be enough. It isn't possible > to secure the system unless you control all points at all times. RES-RSA neither obscures nor secures. It obfuscates using a published transformation algorithm. Your original response implies that PKC is the "real problem" with the Netrek binary verification system, but I contend that that is not true. The "real problem" is the multiple vectors of attack in circumventing RES-RSA, not breaking the functional transform or reverse engineering the key. If you are claiming that the functional transform used in RES-RSA is cryptographically weak and is easily reversible, I'd like to read your analysis because I have a passing interest in cryptography.