[Cryptography] Long-term security (was Re: ratcheting DH strengths over time)
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Nov 17 03:34:27 EST 2015
John-Mark Gurney <jmg at funkthat.com> writes:
>Only changes your attack surface... Most of the ones mentioned will easily
>fall to passive listening...
... which means the attacker has to control a switch or router between the
victim and device and be actively listening at the time that comms take place.
That's a long, long way from being able to seize control of it via a random
port scan over the Internet.
>Either you implement full crypto to get security, or you're vulnerable to any
>number of attacks...
You're still vulnerable to any number of attacks with full crypto, they're
just different attacks.
Crypto is not soy sauce for security [0].
Peter.
[0] Patrick McKenzie, Kalzumeus Software.
More information about the cryptography
mailing list