[127266] in cryptography@c2.net mail archive
Re: Strength in Complexity?
daemon@ATHENA.MIT.EDU (Paul Hoffman)
Wed Jul 2 08:30:09 2008
In-Reply-To: <87prpxf7tt.fsf@snark.cb.piermont.com>
Date: Tue, 1 Jul 2008 18:56:11 -0700
To: "Perry E. Metzger" <perry@piermont.com>,
pgut001@cs.auckland.ac.nz (Peter Gutmann)
From: Paul Hoffman <paul.hoffman@vpnc.org>
Cc: arshad.noor@strongauth.com, cryptography@metzdowd.com, dbrown@forsythe.com

At 8:28 PM -0400 7/1/08, Perry E. Metzger wrote:
>pgut001@cs.auckland.ac.nz (Peter Gutmann) writes:
>> "Perry E. Metzger" <perry@piermont.com> writes:
>>
>>>No. In fact, it is about as far from the truth as I've ever seen. No real
>>>expert would choose to deliberately make a protocol more complicated.
>>
>> IPsec. Anything to do with PKI. XMLdsig. Gimme a few minutes and I can
>> provide a list as long as your arm. Protocol designers *love* complexity.
>> The more complex and awkward they can make a protocol, the better it has to
>> be.
>
>The problem, Peter, is that people who don't know you may mistake your
>sarcasm for agreement with misconception in the article Arshad quoted.
>
The quote from the article was:

"There are, of course, obstacles that must still be overcome by EKMI
proponents. For example, the proposed components are somewhat simple
by design, which concerns some encryption purists who prefer more
complex protocols, on the logic that they're more difficult to break
into."

It jumps from "components" to "protocols". In general, "encryption
purists" like simpler algorithms. OTOH, when "encryption purists" get
involved in protocol design, the protocols usually become complex to
the point of opacity.

So, I agree with Peter that that article is probably correct about protocols.

--Paul Hoffman, Director
--VPN Consortium
---------------------------------------------------------------------
The Cryptography Mailing List