[Cryptography] OpenPGP and trust

Peter Fairbrother zenadsl6186 at zen.co.uk
Sat Mar 29 13:47:23 EDT 2014


On 29/03/14 01:43, Stuart Longland wrote:
[...]

> The computer is in some comms room, not accessible to me directly, and
> not connected to the Internet, but I want users to be able to
> authenticate themselves


Who to?


> over the clear-text link, so the computer can
> differentiate them from some smart-arsed pirate with a $50 hand-held
> radio off eBay and a radio-computer interface.
>
> It'd also be useful from an administrative stand-point to be able to send
> administration commands to that computer, have it perform instructions,
> then get back to me.  A bit like the `uux` command in UUCP.  (And yes, I
> know of "grunt" and do use it over UUCP/SSH already.)

Who can send instructions?


and so on.

I think you should maybe forget the crypto bit, and just write down what 
you want to do, in plain language, as clearly as you can.

Ignore how you intend to do it, just write down what you want to do - I 
don't want to see the words signature, authentication anywhere in it. 
Are there users? What can they do? What can't they do? Are there 
administrators? What can they do? Is there anything they can't do? Is 
there a super-root?

If nothing else, it will make it clear in your mind - but more likely, 
you will then see that there is an obvious way to do what you want to do.


(  OT when I design an electronic device, almost the last thing I do is 
design the circuit. First I decide what it is supposed to do, then I 
design the human interface and the front panel, then the power supply 
and the case - the actual detailed circuit comes last of all.

Now all through this I have been keeping the circuit in mind - what sort 
of things can be done with electronics? There is no point in designing 
something which can't work. Does it need a gazillion controls? Then a 
few knobs won't do, and maybe a graphical and/or touchscreen interface, 
or a full-blown immersive simulator, is necessary. How big is the power 
supply and circuit going to be? It has to fit in the case.


After that I have a good idea of what the circuit is supposed to do, and 
actually designing it is so straightforward that mostly it's just boring.


A similar design methodology should be used for security products (and 
software products).  Start with the purpose of the product, then the 
human and electronic interfaces, then the hardware and last of all the 
detailed crypto or code. Oh yes, you think about the crypto all the way 
through, but only in terms of what is possible and what resources it 
will take - worry about the detailed crypto (or code) last  )


-- Peter Fairbrother




