Re: [cryptography] SSL is not "broken by design"

Tue, 20 Sep 2011 10:09:40 -0700 

On 18/09/11 20:02 PM, M.R. wrote:

On 18/09/11 08:59, James A. Donald wrote:


If we acknowledge that SSL is not secure, then need
something that is secure.


Nothing is either "secure", or "not secure". Any engineering
system is either secure for the purpose it was designed for,
or it is not. SSL is secure, since it is secure for the
purpose it was designed and implemented for.
That's bad engineering. Any system that is designed for protecting humans has to base itself on risks. Either it has a reasonable chance of addressing the risks at a good level, or it addresses the risks at a less than good level.
It is only cryptographers that insist that security is binary -- perfect or not there at all. Too my knowledge, no other engineering discipline falls to this hubris [0]. They achieve this remarkable feat by drawing the boundary of security so narrow as to be typically irrelevant to most purposes.
This can be seen in the original design of SSL. It was designed to protect the wire, because it was theorised that the wire was where the threat was. Eavesdropping, MITMs and the like. Not the node.
But, if you read carefully between the lines, there was no evidence of that statement. In fact, it turns out, the reason that the threat was taken to be the wire and not the node was that (a) there was a military cryptography model that supported wire threats as important, and (b) there was an exotic and sexy cryptography design that could defeat it. 

In other words, they did it because they could [1].
In practice it was the reverse: in commercial threats, the node is the problem. It's always been far greater of a problem than the wire [1]. This is why SSL is often considered to be a fashion accessory, not a serious indicator of security; it didn't solve the real problem, but it itself wasn't much of an issue until attackers started embarrassing it by invading its design space with attacks. 



iang
[0] that's a bit of a misnomer, even cryptographers warn the builders of crypto tools that on-off security doesn't exist. [1] So, SSL is broken by requirements. It meets its requirements well, but they weren't so useful to society. [2] with notable exception of SSH, which had a proven eavesdropping problem so put in place an eavesdropping solution :) 
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to