[Cryptography] Moving forward on improving HTTP's security
James A. Donald
jamesd at echeque.com
Fri Nov 22 22:07:07 EST 2013
On 2013-11-22 18:58, ianG wrote:
> To a large extent it all comes back to WYTM? or what's your threat model?
>
> I'm assuming here, today, we are adding the NSA's mass surveillance into
> the equation as a valid and important threat model. That's an
> assumption that can be challenged...
>
> If NSA mass surveillance is our threat model (addition), then the
> solution to that is probably mass opportunistic encryption, to force
> them to go active.
Because powerful organizations wish to observe without being observed, a
moderate chance of detection of active attacks is sufficient to deter,
sufficient to reduce the number of active attacks to very low levels.

The more powerful the adversary, and the less powerful you, the more
valuable information about the adversary, and the less valuable
information about you, therefore, the less attractive active attacks
that suffer some risk of detection.

The more powerful the adversary, the less attractive active attacks are
to that adversary.

Any organization powerful enough to perform active attacks on the wire,
is apt to be powerful enough that observation of its attacks provides
information about the organization that likely is of more value than the
information obtained by the attack.