[Cryptography] Long-term security (was Re: ratcheting DH strengths over time)

[Peter Gutmann]

 John-Mark Gurney <jmg at funkthat.com> writes:

>Only changes your attack surface...  Most of the ones mentioned will easily
>fall to passive listening...  

... which means the attacker has to control a switch or router between the
victim and device and be actively listening at the time that comms take place.
That's a long, long way from being able to seize control of it via a random
port scan over the Internet.

>Either you implement full crypto to get security, or you're vulnerable to any
>number of attacks...  

You're still vulnerable to any number of attacks with full crypto, they're
just different attacks.

Crypto is not soy sauce for security [0].

Peter.

[0] Patrick McKenzie, Kalzumeus Software.