On Wed, 27 Jun 2012, V G wrote:

> No one's inventing encryption systems. I'm making use of standard AES
> encryption and choosing what gets encrypted and what doesn't.
>
> The data itself doesn't really matter. The important part is WHO the data
> belongs to - the names. If the names themselves can't be deciphered, then
> it should be good enough. What data is related to the names doesn't matte=
r.
> The whole thing can be looked at as a key-value database with the key bei=
ng
> names and the value being a bunch of numbers/blob text/etc. The value
> itself is meaningless.

Think about what you've just written here: the only thing being encrypted=20
is names.

So if we manage to download all the names in the DB we can find which are=20
the most / least common names and use that to help break the key.

You've just made security much weaker.

Regards
Sergio Masci
--=20
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
.