CFP: PKI research workshop

Anonymous nobody at remailer.privacy.at
Mon Jan 7 15:40:09 EST 2002


Russ Neson writes:
> 3. Cryptography, and therefore PKI, is meaningless unless you first
> define a threat model.  In all the messages with this Subject, I've
> only seen one person even mention "threat model".  Think about the
> varying threat models, and the type of cryptography one would propose
> to address them.  Even the most common instance of encryption,
> encrypted web forms for hiding credit card numbers, suffers from
> addressing a limited threat model.  There's a hell of a lot of known
> plaintext there.

It's not clear what you mean by the limited threat model in encrypting web
forms, but one correction is necessary: known plaintext is not an issue.

See the sci.crypt thread "Known plaintext considered harmless" from June,
2001 (available by advanced search at groups.google.com).  Especially note
the perceptive comments by David Wagner and David Hopwood.  There is no
need to be concerned that encrypted web forms contain known plaintext:
no plausible threat model can exploit that information.



---------------------------------------------------------------------
The Cryptography Mailing List