[15892] in cryptography@c2.net mail archive
Re: Al Qaeda crypto reportedly fails the test
daemon@ATHENA.MIT.EDU (Ian Brown)
Thu Aug 12 16:55:49 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 11 Aug 2004 16:24:15 +0100
From: Ian Brown <I.Brown@cs.ucl.ac.uk>
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: John Denker <jsd@av8n.com>, cryptography@metzdowd.com,
Mark Handley <m.handley@cs.ucl.ac.uk>,
Jon Crowcroft <jon.crowcroft@cl.cam.ac.uk>
In-Reply-To: <20040809231036.7EB3B1AE9C@berkshire.research.att.com>
In message <41153C1F.9020808@av8n.com>, John Denker writes:
>>Here's a challenge directly relevant to this group: Can you
>>design a comsec system so that pressure against a code clerk
>>will not do unbounded damage? What about pressure against a
>>comsec system designer?
Modulo Steve's comments about the threat model, Ben Laurie and I wrote a
paper on this theme a few years ago:
http://www.acsac.org/2000/papers/47.pdf
I developed that paper's threat model into chapter 4 of my PhD thesis:
http://www.cs.ucl.ac.uk/staff/I.Brown/pimms/thesis.pdf
We are still hopeful that we will eventually get somewhere with our
Internet draft improving the forward secrecy capabilities of OpenPGP:
http://www.cs.ucl.ac.uk/staff/I.Brown/openpgp-pfs.txt
--
+44 7970 164 526 / http://www.cs.ucl.ac.uk/staff/I.Brown/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
