X.509 / PKI, PGP, and IBE Secure Email Technologies
James A. Donald
jamesd at echeque.com
Thu Dec 8 22:15:07 EST 2005
--
James A. Donald:
> > > > We can, and should, compare any system with the
> > > > attacks that are made upon it. As a boat
> > > > should resist every probable storm, and if it
> > > > does not it is a bad boat, an encryption system
> > > > should resist every real threat, and if it does
> > > > not it is a bad encryption system.
Aram Perez
> > > I'm sorry James, but you can't expect a (several
> > > hundred dollar) rowboat to resist the same
> > > probable storm as a (million dollar) yacht.
James A. Donald:
> > Software is cheaper than boats - the poorest man can
> > afford the strongest encryption, but he cannot
> > afford the strongest boat.
Aram Perez
> If it is that cheap, then why are we having this
> discussion? Why isn't there a cheap security solution
> that even my mother can use?
Design is not cheap, and in particular cryptographic
design is not cheap, because one has to see what attacks
eventuate - one commonly discovers that one's
cryptography was fine, but one's threat model was
inadequate. But having been designed, and survived
attack, it can then be supplied to everyone.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
J0TlTGnN72O7gpg1XX5GRDTi4nJ4wVeAa557yccN
44MC72QwGhBFeTainKp+spi3G6oGpfuNsPZYDSpwt
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list