[Cryptography] Security is a total system problem (was Re: Perfection versus Forward Secrecy)

Perry E. Metzger perry at piermont.com
Fri Sep 13 15:23:53 EDT 2013


On Fri, 13 Sep 2013 08:08:38 +0200 Eugen Leitl <eugen at leitl.org>
wrote:
> Why e.g. SWIFT is not running on one time pads is beyond me.

I strongly suspect that delivering them securely to the vast number
of endpoints involved and then securing the endpoints as well would
radically limit the usefulness. Note that it appears that even the
NSA generally prefers to compromise endpoints rather than attack
crypto.

The problem these days is not that something like AES is not good
enough for our purposes. The problem is that we too often build a
reinforced steel door in a paper wall.

Perry
-- 
Perry E. Metzger		perry at piermont.com


More information about the cryptography mailing list