crypto question

Jim Choate ravage at ssz.com
Sun Mar 24 16:16:07 EST 2002


On Sun, 24 Mar 2002 lynn.wheeler at firstdata.com wrote:
 
> or just security proportional to risk ... random refs:

There's a shortcoming with that view.

In order to apply realistic metrics to what that risk is (eg 1 in 100
years) one must have systems being broken in order to vet it. It's one
thing to state an axiom as you have done. It's a whole other one to apply
it within a time schedule, budget, and general social setting. The three
primary questions that occur when trying to give these real numbers
become:

-	How long between services checks

-	How long between system upgrade/replacement

-	How have other systems stood up to intentional attacks

The first is important to vet the continued operation of an existing
system. The second is important in respect to opportunity to subvert and
the diffusion of 'classified' info out of controlled environments (eg
robber's girlfriend is student...who applied for an internship...who
copies the random page hither and yon...). And finally this gives one a
real grasp of cost and 'friction' (to borrow a military term).

A special note for three: this implies that at least some of the
mechanisms of the same 'class' are(!) being broken. If not then one really
has no way to make a metric. The only engineering answer is "I don't
know"; I make the distinction between political and organizational needs
and engineering ones.

The vast majority of security mechanisms fail on several of these
regularly. It's not intentional but unless you're running something with
the discipline of a military base or prison you're going to have
problems.

I don't believe there are enough deliberate public attacks to make the
third boundary condition relevant in most security situations. But on the
flip side, most security situations are really overly sensitive to their
probability. [1]

[1] Which is probably a good thing for the industry :)


 --
    ____________________________________________________________________

                 There is less in this than meets the eye.

                                     Tallulah Bankhead
     ravage at ssz.com                                         www.ssz.com
     jchoate at open-forge.org                          www.open-forge.org
    --------------------------------------------------------------------


---------------------------------------------------------------------
The Cryptography Mailing List