[Cryptography] Cipher death notes

Ray Dillinger bear at sonic.net
Fri Apr 3 15:10:11 EDT 2015

On 04/03/2015 08:36 AM, Phillip Hallam-Baker wrote:

> 1) A cipher becomes unfit for use long before a it is possible to
> perform the hardest attacks. SHA-1 has not been broken, even MD5 is
> not completely broken. It will never be possible to extract a DES key
> used to encrypt a random plaintext. etc.

Right.  Before there's an actual attack that someone can really
perform, there is still time to consider options and reach
consensus.  That dam has not yet broken, and there are not
yet millions of tons of water sweeping down on the homes of
the innocent.

> 2) What do you do if the note is activated?

If the note can appear, then the dam has utterly and completely
broken.  The disaster has happened, and the foundations of
the homes of the innocents are already underwater.  And the
water's rising.

The note is not the broken dam, nor is it the flood.  The note
is not the disaster, the note is somebody who is both sounding
the flood warning sirens and trying to pile sandbags into the
breach.   At that point you are doing emergency response.
There is no more time to consider or plan or anything else. At
that point grit your teeth and pitch in with all the other
first responders and good samaritans to do everything you can
for the imperiled and the survivors.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150403/aa126492/attachment.sig>

More information about the cryptography mailing list