June 18, 2004

ChatBarrier - Snake oil warning

The company that made such a fuss over being able to copy icons between files and applications have decided to ride their wave of publicity by releasing ChatBarrier, which encrypts iChat conversations. However, anyone using this product should be wary, as it has all the signs of being snake oil, such as using 512-bit encryption keys.

512 is a stupid number. If they are using a good symmetric cipher like AES, then that is overkill: 128 bits will keep you out of the hands of any organisation on earth, and breaking 256 bits (AES's maximum) would require a computer taking an entire galaxy as a power source [source: Applied Cryptography, second edition] simply to count through all the possible keys, without even testing them. Also, if they are using a symmetric cipher, they are probably using a proprietary one, as I know of no peer-reviewed cipher that uses more than 256 bits of key; this is backed up by the fact that they say nowhere which cipher they are using. RC4 can use this amount of key material, but is normally limited to 128 bits. Ciphers that are not peer reviewed are almost always worse than ones that have been tested by experts from around the world.

If they are using public key cryptography, then 512 bits is simply far too short, as a 512-bit key is within the technical capacity of a well-funded adversary to break.

Nor do they say anywhere how they are doing the key exchange, the hardest part of any cryptosystem. If we assume they are using public key cryptography (the most logical approach), does this 512-bit figure refer to that key? In which case the system is broken. If they are using a better value (at least 1024 bits, since the sessions probably won't be used for long-term storage of important data), why don't they advertise it? After all, 1024 bits makes better marketing than 512 bits.

The biggest snake oil warning is their saying "no one can break" it. Only one-time pads are truly unbreakable: brute forcing a 256-bit key may be way outside our current capabilities, but it is possible, as is brute forcing a 512-bit key, even if the requirements make it practically impossible.
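To make the two readings of "512 bits" above concrete, here is an added Python example (not code from ChatBarrier or its vendor) that turns an advertised key size into comparable numbers: a symmetric key is taken at face value, an RSA modulus is converted to an equivalent symmetric strength with the standard GNFS cost heuristic, and the Landauer bound gives the minimum energy just to count through the key space, which is the argument behind the galaxy figure. The 3.2 K operating temperature and the 10^11 Sun-like stars per galaxy are assumptions.

```python
import math

# Physical constants (SI): Boltzmann constant and IAU nominal solar luminosity.
BOLTZMANN_J_PER_K = 1.380649e-23
SUN_LUMINOSITY_W = 3.828e26
SECONDS_PER_YEAR = 365.25 * 86400
# Assumption: a Milky Way-sized galaxy of 1e11 Sun-like stars.
STARS_PER_GALAXY = 1e11


def gnfs_work_bits(modulus_bits):
    """Heuristic log2 cost of factoring an RSA modulus with the general number
    field sieve, L_n[1/3, (64/9)^(1/3)] with the o(1) term dropped. A rough
    guide to 'equivalent symmetric key size', not a precise attack cost."""
    ln_n = modulus_bits * math.log(2)
    c = (64 / 9) ** (1 / 3)
    ln_work = c * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return ln_work / math.log(2)


def counting_energy_joules(key_bits, temp_kelvin=3.2):
    """Thermodynamic lower bound on the energy needed merely to count through
    2**key_bits states: each increment flips at least one bit, and Landauer's
    principle charges at least kT ln 2 per irreversible bit flip."""
    return 2 ** key_bits * BOLTZMANN_J_PER_K * temp_kelvin * math.log(2)


def sun_years_to_count(key_bits, temp_kelvin=3.2):
    """Years of the Sun's entire output needed to pay the counting bound."""
    energy_per_year = SUN_LUMINOSITY_W * SECONDS_PER_YEAR
    return counting_energy_joules(key_bits, temp_kelvin) / energy_per_year


def assess_key_claim(key_bits, family):
    """Turn an advertised key size into comparable numbers. 'symmetric' keys
    are taken at face value; 'rsa' moduli go through the GNFS heuristic."""
    if family == "symmetric":
        effective = float(key_bits)
    elif family == "rsa":
        effective = gnfs_work_bits(key_bits)
    else:
        raise ValueError("family must be 'symmetric' or 'rsa'")
    sun_years = sun_years_to_count(round(effective))
    return {
        "family": family,
        "advertised_bits": key_bits,
        "effective_bits": effective,
        "sun_years_to_count": sun_years,
        "galaxy_years_to_count": sun_years / STARS_PER_GALAXY,
    }
```

Running `assess_key_claim(512, "rsa")` and `assess_key_claim(512, "symmetric")` side by side shows why the number alone says nothing: the RSA reading lands in the low 60s of effective bits, while the symmetric reading is astronomically beyond the 256 bits that already exhaust a galaxy's output for billions of years.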