[Cryptography] Tamper-evident cryptographic systems

Tom Mitchell mitch at niftyegg.com
Sat Mar 22 15:23:33 EDT 2014


On Sat, Mar 22, 2014 at 8:42 AM, Ralf Senderek <crypto at senderek.ie> wrote:

>
> On Sat, 22 Mar 2014, Jerry Leichter wrote:
>
>> Imagine it's five years from now.  TLS with PFS is essentially universal
>> for all Web services.
>>
>
> And is working.
>

Yes, this is a positive observation.   Sufficiently positive to open the
outrageous speculation that Snowden was assigned this task.

There are three primary data points to consider.
   * Power of meta data.
   * Industrial espionage expects content not meta data.
   * Strength of FISA and other legal warrants.

NSA is a national security agency and we had/have some
serious security issues with electronic communications.  Hmmm... how
to get them fixed.

So now there is a dialogue to consider the next steps
needed to further secure electronic communication.   One discussion
centers on DNS and MITM attacks and is the most obvious.

The one pawn in the game is Target.  The fragility of financial
communications was understood by many as fragile as we are seeing with the
Target POS device compromise (very illuminating).   This is immensely
interesting in the context of an internet of things.   Not specific things
like Stuxnet but any and nearly everything.
Small inexpensive and powerful devices, as Chromecast devices demonstrate.

Some will recall that the Morris worm did nothing that was not known.   The
list of flaws was well documented in the book by Morris Sr. long before the
worm.  Almost none were fixed until exploited by Jr.

Well no matter...   What to do next and where possible in parallel?

-- 
  T o m    M i t c h e l l