[Cryptography] Security is a total system problem (was Re: Perfection versus Forward Secrecy)
John Kelsey
crypto.jmk at gmail.com
Sat Sep 14 17:59:42 EDT 2013
On Sep 13, 2013, at 3:23 PM, "Perry E. Metzger" <perry at piermont.com> wrote:
> The problem these days is not that something like AES is not good
> enough for our purposes. The problem is that we too often build a
> reinforced steel door in a paper wall.
Also, if AES being insufficiently strong is our problem, we have a whole bunch of solutions easily at hand. Superencrypt successively with, say, Serpent, Twofish, CAST, Salsa, and Keccak in duplex mode. This has a performance cost, but it is orders of magnitude less overhead than switching to manual key distribution of one-time pads.
It's hard for me to think of a real world threat that is addressed better by a one-time pad than by something cheaper and less likely to get broken via human error or attacks on the key management mechanism.
> Perry E. Metzger perry at piermont.com
More information about the cryptography
mailing list