draft paper: "Deploying a New Hash Algorithm"

John Kelsey kelsey.j at ix.netcom.com
Sat Aug 6 16:03:45 EDT 2005


>From: "Steven M. Bellovin" <smb at cs.columbia.edu>
>Sent: Aug 5, 2005 12:04 PM
>To: Steve Furlong <demonfighter at gmail.com>
>Cc: cryptography at metzdowd.com
.Subject: Re: draft paper: "Deploying a New Hash Algorithm" 

...
>I'd have phrased it differently than Perry did.  I'd say
>that the attackers are often cleverer *about security* than
>protocol designers, because insecurity is their specialty.
>Ordinary protocol desingers are good at designing those
>protocols, but they haven't been trained to think about
>security.  

Yes!  I've noticed that it's really common for me to work on
a project for a very short time (like an hour or two), and
start noticing all kinds of security holes, including a lot
of stuff with nothing to do with cryptography.  I'll still
be asking very basic questions of the other people on the
project about how things are *supposed* to work, but be
pointing out attacks they never thought of at the same time.
I think this is just a different way of thinking.  Attackers
and security people do this all the time.  Most normal
people never do--it's like once they've got the rules in
their heads, that's what's possible, and they don't even
think about it.  

How many times, working on security for some system, have
you pointed out an attack, only to hear some variation on
"but who would think of that?"  And you can see the same
thing happening in discussions of homeland security and
counterterrorism stuff.  It's like most people look at the
national guardsmen in the airport, and say "whew, I feel
safer," rather than "what the heck are those guys supposed
to do to stop hijacked planes crashing into buildings?" 

I like your starting points, but I think the real approach
to thinking about this is a bit broader.  It has to do with
understanding the rules, and trying to ask, for each one,
"and what makes me obey that rule?" or "what would happen if
I didn't do such and so?"  

>		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

--John Kelsey

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list