[Cryptography] Client certificates as a defense against MITM attacks

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Mar 18 20:01:34 EDT 2014

Guido Witmond <guido at witmond.nl> writes:

>Here it goes for two, still free men:
>[Pages of text]

I think this is the prose version of the famous XKCD cartoon:


The (elided) text above is the "A crypto nerd's imagination" part.  The "What 
would actually happen" part is that the two guys get about three or four hours 
into the calisthenics required (which would be about the second or third 
paragraph in the description) and then decide "Bugger this, I'm off to my 
favourite bar to see if I can pick someone up there, and damn the mutaween".

It's no good having a system so super-duper-secure that you can use it to
protect nuclear weapons launch codes if it's so hard to use that no-one can do
anything with it.


More information about the cryptography mailing list