X.509 / PKI, PGP, and IBE Secure Email Technologies

James A. Donald jamesd at echeque.com
Thu Dec 8 22:15:07 EST 2005


    --
James A. Donald:
> > > > We can, and should, compare any system with the 
> > > > attacks that are made upon it.   As a boat 
> > > > should resist every probable storm, and if it 
> > > > does not it is a bad boat, an encryption system 
> > > > should resist every real threat, and if it does 
> > > > not it is a bad encryption system.

Aram Perez
> > > I'm sorry James, but you can't expect a (several 
> > > hundred dollar) rowboat to resist the same 
> > > probable storm as a (million dollar) yacht.

James A. Donald:
> > Software is cheaper than boats - the poorest man can 
> > afford the strongest encryption, but he cannot 
> > afford the strongest boat.

Aram Perez
> If it is that cheap, then why are we having this 
> discussion? Why isn't there a cheap security solution 
> that even my mother can use?

Design is not cheap, and in particular cryptographic 
design is not cheap, because one has to see what attacks 
eventuate - one commonly discovers that one's
cryptography was fine, but one's threat model was
inadequate.  But having been designed, and survived 
attack, it can then be supplied to everyone. 

    --digsig
         James A. Donald
     6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
     J0TlTGnN72O7gpg1XX5GRDTi4nJ4wVeAa557yccN
     44MC72QwGhBFeTainKp+spi3G6oGpfuNsPZYDSpwt



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list