[Cryptography] Why prefer symmetric crypto over public key crypto?
ianG
iang at iang.org
Sat Sep 7 03:57:07 EDT 2013
On 7/09/13 09:05 AM, Jaap-Henk Hoepman wrote:
>>
>> Public-key cryptography is less well-understood than symmetric-key cryptography. It is also tetchier than symmetric-key crypto, and if you pay attention to us talking about issues with nonces, counters, IVs, chaining modes, and all that, you see that saying that it's tetchier than that is a warning indeed.
>
> You have the same issues with nonces, counters, etc. with symmetric crypto so I don't see how that makes it preferable over public key crypto.
It's a big picture thing. At the end of the day, symmetric crypto is
something that good software engineers can master, and relatively well,
in a black box sense. Public key crypto not so easily, that requires
real learning. I for one am terrified of it.
Therefore, what Bruce is saying is that the architecture should
recognise this disparity, and try and reduce the part played by public
key crypto. Wherever & whenever you can get part of the design over to
symmetric crypto, do it. Wherever & whenever you can use the natural
business relationships to reduce the need for public key crypto, do that
too!
iang
ps; http://iang.org/ssl/h2_divide_and_conquer.html#h2.4
More information about the cryptography
mailing list