[18092] in cryptography@c2.net mail archive


Re: draft paper: "Deploying a New Hash Algorithm"

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Fri Aug 5 19:28:44 2005

X-Original-To: cryptography@metzdowd.com
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Steve Furlong <demonfighter@gmail.com>
Cc: cryptography@metzdowd.com
In-Reply-To: Your message of "Thu, 04 Aug 2005 10:23:55 EDT."
             <7d752ae30508040723d2376a5@mail.gmail.com> 
Date: Fri, 05 Aug 2005 12:04:34 -0400

In message <7d752ae30508040723d2376a5@mail.gmail.com>, Steve Furlong writes:
>> [Moderator's note: ... attackers are often cleverer than protocol
>> designers. ...
>
>Is that true? Or is it a combination of
>
>(a) a hundred attackers for every designer, and
>(b) vastly disparate rewards: continued employment and maybe some
>kudos for a designer or implementer, access to $1,000,000,000 of bank
>accounts for an attacker
>

I'd have phrased it differently than Perry did.  I'd say that the 
attackers are often cleverer *about security* than protocol designers, 
because insecurity is their specialty.  Ordinary protocol designers are 
good at designing those protocols, but they haven't been trained to 
think about security.  Here's how I put it in my talk at the IETF 
plenary last night:

\ns{Patterns of Thought}  
\item   Serial number 1 of any new device is delivered to your enemy.
\item   You hand your packets to your enemy for delivery.
\item   Your enemy is just as smart as you are.  If we haven't seen
        a given class of attack yet, it's because it hasn't been necessary;
        simpler attacks have worked well enough.  (Besides, how do you know
        if you'll actually notice it?)
\endns


		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
