(also posted to sci.crypt in modified form)
At Usenix Security, Eric Rescorla pointed out that some of the cryptographic flaws we have seen can be prevented by applying good "crypto hygiene." My questions for the floor --
* What is "good hygiene" ? * Where would I find it written down? * How do we develop good hygiene?
The problems implementing reliable crypto seem to parallel the problems which plagued early digital logic design. Although digital logic operates as if only zeros and ones exist, in fact the physics underlying the circuit components is analog. Until technologists developed SSI, MSI and later LSI circuits, which pretty effectively "walled off" the analog world, engineers were forever chasing analog demons in their digital designs. Now these problems generally appear only when circuits or their environment (e.g., speed, temperature and voltage) exceed design parameters.
Mark Miller's approach using "E" may be one approach for applying the "walling off" practiced in digital design for security.
steve
"...for every complex problem, there is a solution that is simple, neat, and wrong."
-- H.L. Mencken
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
