[Cryptography] Quillon Graph
Peter Fairbrother
peter at tsto.co.uk
Tue Jan 13 19:19:09 EST 2026
On 12/01/2026 16:34, Dennis Hamilton wrote:
> Is Sec(x) taken to be a Boolean condition?
Yes. 9th law, "Security is a boolean".
I take secure to mean that something is strong enough to resist the
attacks which will be brought against it.
The problem is, we don't know what attacks will be brought against it.
While sometimes we can say it isn't secure, we can only be sure whether
something is secure long after the fact - and often not even then,
unless we are omniscient.
This might seem a singularly unhelpful way of looking at security, but
from the client's point of view it is the thing which matters.
Peter Fairbrother
The laws of secure system design:
0 It's all about control
1 Someone else is after the stuff you have
2 Stuff you don't have can't be stolen from you
3 Everywhere can be attacked
4 More complex systems provide more places to attack
5 Attack methods are many, varied, ever-changing and eternal
6 Only those you trust can betray you
7 Holes for good guys are holes for bad guys too
8 A system which is hard to use will be misused, abused and underused
9 Security is a Boolean
10 Two things once publicly linked can never be reliably unlinked
bubbling under:
Pre-existing systems persist
It is easier for insiders to steal information
The security of a secret is inversely proportional to the square of the
number of people who know it (see Metcalfe's law etc)
People offering the impossible are lying
Schneier's law applies to everything, including these laws
Cheap and effective security needs good system design.
If it's expensive, it probably won't be effective.
Designer fees are cheaper than failure costs
If any messaging app has its own dedicated servers then it is going to
be insecure
Suggestions welcome
More information about the cryptography
mailing list