Re: Security Problems
Brad Knowles (brad@his.com)
Wed, 6 Mar 1996 05:39:39 -0500

At 2:14 AM 3/6/96, Terry Ritter wrote:
> However, the idea that different *ciphers* imply different
> *standards* is seriously whacked. The one "standard" that should
> be defined is the interface -- the API if you will -- that will
> allow virtually any cipher to slide into the rest of the system.

Trying to support too many different types of ciphers is
*precisely* what was commented on. You should support a set greater
than two, but smaller than some relatively small number, because
otherwise the implementation complexity gets too large.

The size of the "relatively small number" differs from one
cryptographic expert to another. Some would set it as low as two,
some would set it as high as eight. I've never heard any proposals
outside that range of numbers (and with a very strong skew, one could
almost say an inverse exponential skew, towards the fewer numbers).

> Perhaps you are confusing me with some other proposer. My
> proposals have *never* assumed "some inherent algorithm that was
> designed into the standard." Indeed, this is precisely what my
> proposals avoid.

You were the one proposing that Triple DES be used when all else
fails, and that this is what should be assumed to be the base
available in the initial negotiations, right? This is the "inherent
algorithm that was designed into the standard".

> Oh, yes. We guarantee to trust the other end when we propose to
> share secrets with them. If we do not so propose, we do not need
> cryptography. Therefore, we already know that we "trust" the
> other end (albeit to some unknown extent).

Until you know how much you trust the other end, I submit that
you don't (yet) "trust" them at all.

It is to this degree that you must protect yourself as much as
possible and avoid leakage to them of knowledge of all the various
encryption algorithms you support -- let them find out how you prefer
to be contacted via the public registry, and then you can negotiate
further once the contact has begun, if you find it necessary to do
so.
--
Brad Knowles, MIME/PGP: brad@his.com
comp.mail.sendmail FAQ Maintainer <http://www.his.com/~brad/>
finger brad@his.com for my PGP Public Keys and Geek Code
The comp.mail.sendmail FAQ is at <http://www.his.com/~brad/sendmail/>