It’s vital to look back and learn from mistakes

For example, during World War 2, the allies were fortunate enough to find a German radio operator committing the cardinal sin of stream ciphers, reusing the same keystream for two different messages.

This led to the successful breaking of the so-called Tunny traffic, and also to the production of the Colossus machine to speed up the cracking process (contrary to popular myth, Colossus had nothing to do with breaking Enigma). So it is rather depressing to see the same mistake still being made today. For example, a recent analysis of Microsoft Office (http://eprint.iacr.org/2005/007.pdf) showed that the encryption implementation makes exactly the same mistake, namely keystream reuse. Although the RC4 cipher used is relatively secure, the implementation weakens the protection significantly.

Even more ironic is that Microsoft has previously made the same mistake, way back in 1999 (see Microsoft security bulletin MS99-056 for the gory details), albeit not in Office.

Of course, things can be even worse if you decide to use your own encryption algorithm, as Texas Instruments did with its Digital Signature Transponder (DST). The DST is a small device that sits in a car ignition key or other "smart" device and prevents unauthorised use.

Or rather, that's what it should do. Researchers from John Hopkins University and RSA Security have recently found that the proprietary encryption algorithm used in the DST suffers from a number of problems, not least of which its short 40-bit key. Many competing products also use proprietary algorithms.

This is not just an academic weakness. The excellent Hopkins paper (http://rfidanalysis.org) describes a real-world attack using off-the-shelf hardware, with the potential of miniaturisation to a pocket-sized device. The paper also shows how to disclose such weaknesses responsibly, without revealing too much.

I would never trust a password system for anything other than casual protection. If you really need good security, use a company that specialises in the area.

And if you are thinking of developing your own cipher, rather than using one tried and tested in an open forum, think again.