[Cryptography] What do we mean by Secure?

Rob Meijer pibara at gmail.com
Mon Feb 9 02:57:01 EST 2015


2015-02-08 12:44 GMT+01:00 ianG <iang at iang.org>:

> On 8/02/2015 00:05 am, Bill Frantz wrote:
>
>> On 2/6/15 at 3:10 PM, kentborg at borg.org (Kent Borg) wrote:
>>
>>> Ah, but then one would have to stop and figure out what one is trying
>>> to do...damn! Can't I just ask for Wholesome Apple Pie and be done?
>>>
>>
>> The more I hear people talk about making things secure, the more I hope
>> they will explain what they mean by secure. What I mean, in the broadest
>> sense, is "Bad Things Won't Happen". Now this is a bit over nebulous. :-)
>>
>
>
> Well, they often do, as we see.  The issue isn't so much that the result
> is nebulous, but that security is *individual*.
>
> In the old days, we used to say, WYTM or what's your threat model?  The
> problem with this was it captured the above fallacy perfectly -- we were
> all searching for the one threat model to rule all others.
>

The more useful question is: What are the most important security
attributes of your resources and what are your most important resources?

The fallacy of the threat model is best illustrated by the second/third lock
analogy. Ask a cop and a fireman the same question: "Should I use the
second and third lock on my door?"

For the cop the threat model would be intruders and thus the answer would
be a definite yes.
For the fireman the threat model would be fire and smoke and thus the
answer would be a definite no. When you look at the most valuable resource
(you and your family) and the most important security attributes
(survival), then you can start to look at the local crime and fire
statistics to try and calculate the most appropriate use of your locks.
Maybe if you live in an urban area in the US south you should use the locks
but if you live in the north of Europe not using the locks would maximize
the chances of survival. Maybe you should choose to use your additional
locks during the holiday season when there are more house break-ins. Maybe
you should stop using these locks during the dry season. The base idea is,
it doesn't really matter how you die, dying is the least acceptable outcome
and thus the policy should be geared at minimizing the 'all cause'
probability of dying.