[Cryptography] Are zero knowledge authentication systems safe?
Bill Frantz
frantz at pwpconsult.com
Sun Nov 1 19:28:25 EST 2015
On 11/1/15 at 3:18 PM, brk7bx at virginia.edu (Benjamin Kreuter) wrote:
>* Yes, there are a few examples of attempts to use a provably secure
>design that created even more of a mess for TLS. There is a much longer
>list of problems with TLS stemming from ad-hoc designs that lacked any
>security argument. The broader point is that incrementally refining the
>security of a protocol, which has been the general process for TLS, is
>not going to work well for the next generation of cryptosystems.
The good news here is that people are actively doing security
modeling and proof for the evolving TLS 1.3 standard, AND the
TLS working group is enthusiastically welcoming their results.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Privacy is dead, get over | Periwinkle
(408)356-8506 | it. | 16345
Englewood Ave
www.pwpconsult.com | - Scott McNealy | Los Gatos,
CA 95032
More information about the cryptography
mailing list