> I imagine the Plumbers & Electricians Union must have used similar
> arguments to enclose the business to themselves, and keep out unlicensed
> newcomers.  "No longer acceptable" indeed.  Too much competition boys?


Oh come on.  Are you willfully misinterpreting what I wrote, or
did you honestly believe that that was my intent?

No one - at least certainly not I - suggests that people shouldn't
be allowed to invent whatever new protocols they want or that some
"union card" be required in order to do so.  However, we've learned
a lot in recent years about how to design such protocols, and we've
seen intuitively "obviously" secure protocols turn out to be badly
flawed when more advanced analysis techniques and security models
are applied against them.

Yes, the standards against which newly proposed protocols are measured
have increased in recent years: we've reached a point where it is
practical for the potential users of many types of security protocols
to demand solid analysis of their properties against rather stringent
security models.  It is no longer sufficient, if one hopes to have
a new protocol taken seriously, for "designers" to simply throw a proposal
over the wall to users and "analysts" and hope that if the analysts
don't find something wrong with it the users will adopt it.  Now
it is possible - and necessary - to be both a protocol designer and
analyst at the same time.  This is a good thing - it means we've made
progress.  Finally we can now look at practical protocols more
systematically and mathematically instead of just hoping that we
didn't miss certain big classes of attack.  (We're not done, of course,
and we're a long way from discovering a generally useful way to look
at an arbitrary protocol and tell if it's secure).

Fortunately, there's no dark art being protected here.  The literature
is open and freely available, and it's taught in schools.  And unlike
the guilds you allude to, anyone is free to participate.  But if they
expect to be taken seriously, they should learn the field first.

I'd encourage the designer of the protocol who asked the original question
to learn the field.  Unfortunately, he's going about it a sub-optimally.
Instead of hoping to design a just protocol and getting others to throw
darts at it (or bless it), he might have better luck (and learn far
more) by looking at the recent literature of protocol design and analysis
and trying to emulate the analysis and design process of other protocols
when designing his own.  Then when he throws it over the wall to the rest
of the world, the question would be not "is my protocol any good" but
rather "are my arguments convincing and sufficient?"

I suppose some people will always take an anti-intellectual attitude
toward this and congratulate themselves about how those eggheads who
write those papers with the funny math in them don't know everything to
excuse their own ignorance of the subject.  People like that with
an interest in physics and engineering tend to invent a lot of
perpetual motion machines, and spend a lot of effort fending off
the vast establishment conspiracy that seeks to suppress their
brilliant work.  (We've long seen such people in cipher design, but
they seem to have ignored protocols for the most part, I guess
because protocols are less visible and sexy).

Rich, I know you're a smart guy with great familiarity (and
contributions to) the field, and I know you're not a kook, but
your comment sure would have set off my kook alarm if I didn't
know you personally.

> Who on this list just wrote a report on the dangers of Monoculture?
> Rich Schroeppel   [EMAIL PROTECTED]
> (Who still likes new things.)

Me too.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to