On Tue, 01 Jul 2008 12:12:26 -0700 Arshad Noor <[EMAIL PROTECTED]> wrote:
> The author of an article that appeared in InformationWeek this week > (June 30, 2008) on Enterprise Key Management Infrastructure (EKMI): > > http://www.informationweek.com/shared/printableArticle.jhtml?articleID=208800937 > > states the following: > > "There are, of course, obstacles that must still be overcome by EKMI > proponents. For example, the proposed components are somewhat simple > by design, which concerns some encryption purists who prefer more > complex protocols, on the logic that they're more difficult to break > into." > > In light of the recent discussions about experts in cryptography, > I thought I'd ask this forum to comment on the above author's > statement: is this true? > > Do cryptography experts deliberately choose complexity over simplicity > when the latter might provide the same strength of protection? Since > I do not consider myself a cryptography expert, and have instinctively > preferred simpler - but strong - technical solutions, have my > instincts been wrong all along? TIA. > No, no one competent would deliberately opt for complexity. However, there's a quote I've seen attributed to Einstein to remember: "Everything should be as simple as possible, but no simpler." Sometimes, extra complexity is due to the need to deflect certain attacks, such as replays and cut-and-paste. It's quite possible that the original, simpler design isn't resistant to some threats, either because the designers weren't aware of them or because they felt that they weren't credible in their environment. Without more details than are in the article (and I don't have the time or energy to read through those documents), it's hard to say. I did see one possible red flag in the article: "the key server verifies the client request, then encrypts, digitally signs, and escrows the key in a database". Escrowed keys are potentially *very* dangerous, but without knowing just what's being stored and how it's being protected, I can't say more. --Steve Bellovin, http://www.cs.columbia.edu/~smb --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]