On Sat, Nov 20, 2010 at 01:10:53PM +1000, James A. Donald wrote:
> Ian G wrote:
>> The result of 15-20 years is that nobody has ever lost money because of
>> a cryptographic failure, to a high degree of reliability.
>
> How about all the money lost because Wifi security does not work?

How about accounts broken into because of: LANMAN password hashing? Non-salted (or iterated, or memory-hard) password hashes? Cost of replacing DES?

In general I agree with Ian, and think that crypto designers have been working on crypto algorithms because they're clearly defined, algorithmic and/or math. Hammer meets nail.

Crypto designers probably do worse with business processes, usability, economics, and issues of scale, because that's not what they're trained in. So no surprise what happens there.

I think Denning made a similar observation after working on database security; that attackers didn't attack in the ways you thoughtfully defined for them, they flow around your strong defenses like water.

However, given that (e.g.) network crypto was designed to deal with the "sniffer on a core router" attack (no reference, sorry, think it was mid-90s), I think the fact that we haven't seen too many of these stories any more suggests that the solution worked, not that the solution was misguided in some way.

IMHO, having attackers move to other systems (or attack parts of a system you designed), is a sign of success, not failure. If you designed that system (or part), that's the best possible outcome.

A few parting thoughts.

The vast majority of government equipment is COTS; economics of scale enforce this.
Absence of evidence is not evidence of absence.
Not everything that can be counted counts, and not everything that counts can be counted.
As measured in Internet time, an installed base's half-life is forever.
Successful systems tend to be evolutionary rather than revolutionary when there's a non-trivial ecosystem around them.
A successful system is used in ways its designers never imagined.
Resistance to an unforeseen class of attack is basically chance.
Is doing more of what you're already good at necessarily a bad strategy?

-- 
Good code works on most inputs; correct code works on all inputs.
My emails do not have attachments; it's a digital signature that your mail
program doesn't understand. | http://www.subspacefield.org/~travis/
If you are a spammer, please email [email protected] to get blacklisted.
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
