[Cryptography] Secure erasure
Tom Mitchell
mitch at niftyegg.com
Mon Sep 12 22:43:37 EDT 2016
On Mon, Sep 12, 2016 at 12:33 AM, Stephen Farrell <stephen.farrell at cs.tcd.ie
> wrote:
>
> On 12/09/16 07:53, Peter Gutmann wrote:
> > Stephen Farrell <stephen.farrell at cs.tcd.ie> writes:
> >> On 11/09/16 10:50, Peter Gutmann wrote:
> >>> Which leads to a further corollary..... probably a waste
> >>> of time because there's always an easier way in.
> >>
>
......
> > single DES isn't necessary because it's no longer the weakest point.
>
> So I do think your message encouraged weaker crypto but the more
> interesting part is perhaps why the weakest point, as in the simplest
> attack to demonstrate, is not the only relevant argument.
>
> Yes, a rational attacker will choose the weakest point, in the
> sense of the most effective attack.
>
<http://www.metzdowd.com/mailman/listinfo/cryptography>
To split a hair.
An attacker will use the vectors he has knowledge of.
Development of an attack is likely most fruitful if the attack builder
begins at what to him appears to be the weakest point.
The world of science and math are full of things that once were hard
but insight and often hard work relabel the "impossible to possible"
and the "hard to solved".
This discussion centers on two things... an attack surface (a buffer)
and a risk that the surface is not scrubbed clean.
If we cannot obliterate secret keys as expected then there is
a prize to be liberated by a bad guy or perhaps a white-hat.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160912/7ef1cbaf/attachment.html>
More information about the cryptography
mailing list