[Cryptography] The Laws (was the principles) of secure information systems design
Bob Wilson
rwilson at wisc.edu
Thu Jul 14 13:13:39 EDT 2016
> Law 2: If it isn't stored it can't be stolen
Sounds "obviously" true, but as a mathematician I know that when I say
something is "obvious" other mathematicians will take it to mean I need
it to be true but I can't remember how to prove it. (There are lots of
mathematician's jokes that amount to definitions of "obvious"...)
In this case it may well be true, but that depends on the whole
collection that has been stored. You can choose to omit some fact but at
the same time leave in other things that imply part or all of that fact.
It is hard to be sure that something is not implicit without a process
equivalent to formal verification. So "If it isn't stored" covers a lot
more than it appears to.
Bob Wilson
More information about the cryptography
mailing list