[Cryptography] The Laws (was the principles) of secure information systems design
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Jul 19 23:10:09 EDT 2016
Jon Callas <jon at callas.org> writes:
>> Law 3: Only those you trust can betray you
>
>I know what you're trying to say. I'd think something better might be,
>"talking securely to a snitch is still insecure." Or something like that.
I think it definitely needs to stay in its original form, a huge amount of
stuff that's secure by executive fiat is sold as "trusted" (PKI, TPMs,
TrustZone, etc), so it's essential that there's a law pointing out what
"trust" really means in this case.
>What does "store" mean? Is a value in a register stored? Is data in transit
>stored?
Oh, now you're just being pedantic... :-).
Peter.
More information about the cryptography
mailing list