Strength in Complexity?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Jul 1 20:42:40 EDT 2008
"Perry E. Metzger" <perry at piermont.com> writes:
>The problem, Peter, is that people who don't know you may mistake your
>sarcasm for agreement with misconception in the article Arshad quoted.
What, me, sarcastic? Never!
>The point is not that fools (often including us) haven't built monstrous
>ziggurats that failed. The point is that no one rational should *SEEK* to
>make a protocol into monstrous ziggurat on the basis that this will improve
>security
Sure, any rational designer, working by themselves, will (hopefully) create a
simple, easy-to-analyse protocol. The problem seems to occur once you get
committees involved (although I've seen some one-person-designed protocols
that can match the output of any standards committee :-). So there's a
difference between what should happen in an ideal world and what happens in
practice. People will quite easily build monstrous ziggurats one mud-brick at
a time, as any number of security protocols aptly demonstrate. They're not
built because someone thinks they'll be more secure that way, but because the
delegate from IBM suggested that we need this, and the delegate from MS
insisted on having that, and the delegate from Verisign required the other.
(Actually even that doesn't really explain something like IKE... :-).
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list