@lritter it's not insecure unless you're relying upon distributional assumptions
Discussion
Loading...
this part is good though
Analogues of the “paper protocols” currently in use are required. Hopefully these new electronic based protocols are at least as good as those they replace. There is a unique opportunity for society to introduce new and more efficient ways of ensuring information security. Much can be learned from the evolution of the paper based system, mimicking those aspects which have served us well and removing the inefficiencies.
linking cryptographic affordances to the human concepts of trust and interactions that their human users use them for is sorely missing from almost every single protocol and this is often used to hide subtle issues
LMAO at this part though
Cryptography is about the prevention and detection of cheating and other malicious activities.
sir??????
actually you can tell this book is dated because
level of security. This is usually difficult to quantify.
nobody would ever say this is difficult to quantify nowadays given that the entire purpose of the field seems to be to quantify it. i do wonder whether it's actually a good sign that this is described as hard to quantify. it's usually difficult to quantify things. i have decided this is good
this is a fascinating argument for the importance of a cryptographic key which also bears upon security through obscurity
The question arises as to why keys are necessary. (Why not just choose one encryption function and its corresponding decryption function?) Having transformations which are very similar but characterized by keys means that if some particular encryption/decryption transformation is revealed then one does not have to redesign the entire scheme but simply change the key. It is sound cryptographic practice to change the key (encryption/decryption transformation) frequently. As a physical analogue, consider an ordinary resettable combi- nation lock. The structure of the lock is available to anyone who wishes to purchase one but the combination is chosen and set by the owner. If the owner suspects that the combination has been revealed he can easily reset it without replacing the physical mechanism.
@hipsterelectron It makes me twitch "codes are programs", like "numbers are programs". Even keys are programs, and we trust them like programs - imagine having a stray "0" key... it would "do very wrong things".
@hipsterelectron i mean as long as the combination lock cant be shimmed by a butchered soda can, this stands as OK analogy
@zardoz03 that's good because then they can't get you for carrying a lockpicking kit
1 more replies (not shown)
Various other names are synonymous with adversary such as enemy, attacker, opponent, tapper, eavesdropper, intruder, and interloper.
this seems to potentially indicate that the "security through obscurity" meme had not yet been invented in 1997
One can gain additional security by keeping the class of encryption and decryption transformations secret but one should not base the security of the entire scheme on this approach. History has shown that maintaining the secrecy of the transformations is very difficult indeed.
1+ more replies (not shown)
@hipsterelectron lol. but i guess "hacker spirit" really wasn't "pop" in 1976?
@hipsterelectron Oh, I ended up in "New directions in cryptography" by Diffie and Hellman (1976), because you mentioned it.
@hipsterelectron Might admit, I'm just following along and throwing useful bits in my infobag like a hamster. 🐹😅
1 more replies (not shown)