[Cryptography] How to De-Bollocks Cryptography?
Ray Dillinger
bear at sonic.net
Sun Aug 11 16:12:32 EDT 2024
On 8/9/24 02:40, Sebastian Stache via cryptography wrote:
> On 2024-08-08 00:43, Jon Callas wrote:
>
>> let's consider securing a building.
>> The simplest way to do it is to have only one door into it.
>> Everything goes through one door, so that's obviously simpler.
At the risk of excessive snark, I'll point out that the simplest way to
secure a building is to omit complications like interior spaces that an
attacker could gain access to. With no "inside", we can eliminate
"doors" all together and don't have to worry about an attacker finding a
way in.
Such a concrete-filled building is as secure against its users as it is
against its attackers, which greatly simplifies access control and key
management since without any user privileges there is no risk of a
privilege escalation attack, and without doors there is no need for keys.
Obviously, securing a building in such a way has no value. Security does
not derive value from implementing impenetrable boundaries or making
things impossible. The value is in enforcing a desired, nonempty, set
of circumstances under which boundaries can be crossed and under which
actions are possible.
Bear
More information about the cryptography
mailing list