[Cryptography] Paranoia for a Monday Morning

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Oct 27 14:45:12 EDT 2014

Jerry Leichter <leichter at lrw.com> writes:

>As I look at the world around me, however, I see few proven attacks against
>fielded cryptographic implementations - but an ever-flowing stream of attacks
>against another class of standardized software.

Interesting that you should mention this, I was talking today to a PKI
practitioner (so not someone who charges you $50,000 to tell you how wonderful
your PKI will be when it's working, but someone who actually has to get it
working) and they mentioned that while the geeks are worrying about whether
they can roll over their SHA-1 certs and whatnot quickly enough and when
attackers will start forging certs, what's really hitting them is the fact
that it needs constant shepherding and tweaking and maintenance to keep it
running.  So the problem isn't one of security but one of availability, that
once you've tied your infrastructure to the inflexible rigidity of a
cryptographically-bound system your concerns will be running your
organisational processes within that straitjacket and not any actual attacks
that the straitjacket may or may not be preventing.

(And as you say, the attacks aren't against the crypto anyway, but against all
the other stuff, completely ignoring the presence of the crypto.  Insert
Shamir's Law quote here).
