[Cryptography] The Laws (was the principles) of secure information systems design

Tom Mitchell mitch at niftyegg.com
Wed Jul 13 15:33:17 EDT 2016


On Tue, Jul 12, 2016 at 1:30 PM, Peter Fairbrother <peter at m-o-o-t.org>
wrote:

> I've been revising the principles, and came up with this. It's an early
> version.
>
> As ever, corrections and suggestions are welcome.
>
> Calling them Laws is perhaps a bit overreaching - but on reflection I
> thought that's mostly what they are, break them and the system won't be
> secure.
>
> I will put the Laws up on the 'net shortly, hopefully with a link for
> suggestions and comments.


Minor quibble about "Law":
There is a legal framework that we live within.
As we recently saw:
    "Vladimir Putin, has ordered the Federal Security Service (FSB) to produce
"encryption keys" to decrypt all data on the internet
<http://gawker.com/putin-is-literally-breaking-the-internet-1783293408>,"
This qualifies as Law in a legal context.

Perhaps a tenet or a principle.

Or perhaps modify 0 to address external control and power.
    Law 0: Legal context, regulation and legislation can complicate all the
below technical laws of cryptography.


The reality is legislation cannot manipulate mathematics and logic but some
do try.


-- 
  T o m    M i t c h e l l