[Cryptography] When your security is too secure

[Michael Kjörling]

On 24 Nov 2025 22:27 -0800, from jon at callas.org (Jon Callas):
> Above I used the term "sine qua non," Latin for "without this,
> there's nothing" is that this is not transitive, nor linear, nor
> even a ring. We cryptographers focus on C and drag I around, too,
> because those are interesting, difficult, but solvable. Tacitly is a
> lot of what we talk about is the idea (particularly in communication
> security) that if a message has been lost, it can be resent. We
> don't deal often with the extreme A scenario where the message must
> get through, no matter what, and everything else is secondary. A
> drags along I, because an error is also a loss of A, and C is really
> really nice to have, but if losing C means losing A, then I will do
> without C.

It is also a question of time. If the current time is late evening and
the message is "attack Port Hill at dawn", then A is fairly important
(loss of A means no attack, with whatever consequences follow from
that); I is important (you really don't want the receiver to read the
message as "attack Fort Hill at dawn" and be in the wrong place); but
C really only matters until sunrise, and becomes significantly less
valuable after that time. On the other hand, as time goes on, I might
become _more_ important; if someone later writes a documentary work on
the battle, or if who did what and why comes into question, _what_
happened _when_ becomes more important than keeping the message
secret, but loss of A (losing any single message) is less likely to
impact the overall picture. This is something that is also sometimes
overlooked or ignored in an idealistic world; that for the exact same
message, the relative ordering of the elements within the C-I-A triad
can (and often does) change over time.

-- 
Michael Kjörling
🔗 https://michael.kjorling.se