In addition to the 64 bit key length of the Red Pike algorithm, there is the problem that it is unpublished. There is strong and historically justified scepticism in the cryptographic community of secret mechanisms; it was enunciated as long ago as 1883 that the security of a cryptographic system should lie in the choice of the key rather than the obscurity of the algorithm [49], and this principle has stood the test of time [48]. The use of an unpublished algorithm runs directly counter to this.
At the June meeting, the IMG put its confidence in the crypto community's accepting Red Pike because of its provenance. We were highly sceptical of this claim, given the cryptographic community's historical preference for mechanisms that have withstood extensive peer review, and also because of the errors in GCHQ's email security protocol [14]. We therefore tested the IMG's claim by asking the following five questions of the sixty or so people who attended the cryptology and computer security sections of a 1996 Isaac Newton Institute research programme. These delegates had been selected by a programme committee as the most eminent researchers in the field.
The BMA was unanimously supported on questions (1), (2) and (5). There was strong majority support on the other two; the minority said that once the algorithm was published (deliberately or otherwise) it might gain acceptance if it attracted and resisted serious attack efforts.
The IMG strategy states that the encryption algorithm chosen must be acceptable to the cryptographic community (p 56), and the people canvassed in the above test are the opinion leaders in that community. So it would seem that the use of Red Pike is incompatible with this eminently sensible goal.