[Cryptography] Other obvious issues being ignored?
Ralf Senderek
crypto at senderek.ie
Wed Oct 21 02:03:18 EDT 2015
Let's combine two ideas from different posts:
Arnold Reinhold writes about "the list of issues the cryptographic community
knows about, but keeps ignoring"
> 7. Fuzzy goals for cryptography. We want to access our data any time we want,
> anywhere we want, on any platform we want and to share it with anyone we want
> but we want all of our data to be secure against the bad guys, who we can't
> clearly define and don't all agree on. And we don't want to be inconvenienced
> in any way.
John Denker writes in addition to the list:
> There exist "secure messaging" apps, but they seem at the
> moment limited to a rather small niche market ... which
> might make them worse than nothing, insofar as using them
> raises red flags.
While ordinary users want the digital land of milk and honey *that works*,
there is no clear threat model for the assumed solution.
While on the other hand, the attempts to reduce complexity and to work with
a realistic threat model are bound to small niche markets if not entirely
ignored, we have all the ingredients for a perfect recipe to make sure,
we'll remain in this situation.
--ralf
More information about the cryptography
mailing list