crypto question
Arnold G. Reinhold
reinhold at world.std.com
Wed Mar 27 15:51:49 EST 2002
At 12:23 PM -0700 3/24/02, lynn.wheeler at firstdata.com wrote:
or just security proportional to risk ...
While a valid engineering truism, I have a number of issues with that dictum:
1. It is too often used as an excuse for inaction by people who are
poorly equipped to judge either risk or cost. We've all encountered
the "experts on tap, not on top" attitude of many managements. There
was a good reason the U.S. centralized all crypto in the NSA after WW
II. Managers in organizations like the State Department simply
ignored known security compromises. Communications security never
had a high priority with functional managers, so it was taken away
from them.
2. Costs are often overstated or quoted out of context. A $1000
coprocessor that can verify 100 keys per second ends up costing under
a millicent per verification, even allowing a large factor for peak
demand. The added cost to store long keys is tiny. Good engineering
(often the biggest cost) can be spread over many applications. Cost
of keeping up with security patches is likely modest compared to 24/7
watchman security for a physical location.
3. The nature of risk is very different in cyberspace. Many
cryptographic techniques introduce single points of failure. Bonnie
and Clide can't rob all the banks at once, but the wily hacker might.
It may be cheaper to employ bullet-proof solutions than to really
understand the risks in "good enough" approaches.
4. There is also the question of risk to whom. Many businesses seem
to assume the the government will pick up the tab for a major cyber
terrorism incident. If business execs can say with a straight face
that basic accounting principals are too difficult for them to grasp,
imagine what they will say about a massive crypto failure. So in a
sense taxpayers and consumers are being asked to insure some of
these risks. I suspect they would gladly pay the added costs
(pennies) to apply the best available technology.
5. There is a failure to distinguish between components and systems.
It may be true that any real world system has holes, but that is no
reason to give up on perfecting the tools used to build these
systems. Incorporating known weaknesses into new designs is not
justifiable, absent a compelling, fact-based, cost/security analysis.
Arnold Reinhold
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list