[127265] in cryptography@c2.net mail archive
Re: Strength in Complexity?
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Wed Jul 2 08:29:25 2008
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: perry@piermont.com, pgut001@cs.auckland.ac.nz
Cc: arshad.noor@strongauth.com, cryptography@metzdowd.com,
dbrown@forsythe.com
In-Reply-To: <87prpxf7tt.fsf@snark.cb.piermont.com>
Date: Wed, 02 Jul 2008 12:42:40 +1200
"Perry E. Metzger" <perry@piermont.com> writes:
>The problem, Peter, is that people who don't know you may mistake your
>sarcasm for agreement with misconception in the article Arshad quoted.
What, me, sarcastic? Never!
>The point is not that fools (often including us) haven't built monstrous
>ziggurats that failed. The point is that no one rational should *SEEK* to
>make a protocol into monstrous ziggurat on the basis that this will improve
>security
Sure, any rational designer, working by themselves, will (hopefully) create a
simple, easy-to-analyse protocol. The problem seems to occur once you get
committees involved (although I've seen some one-person-designed protocols
that can match the output of any standards committee :-). So there's a
difference between what should happen in an ideal world and what happens in
practice. People will quite easily build monstrous ziggurats one mud-brick at
a time, as any number of security protocols aptly demonstrate. They're not
built because someone thinks they'll be more secure that way, but because the
delegate from IBM suggested that we need this, and the delegate from MS
insisted on having that, and the delegate from Verisign required the other.
(Actually even that doesn't really explain something like IKE... :-).
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
