My message was not a reply to Matt's paper. It was a reply to a message that said, approximately, "If I wanted to SECURE A BUILDING the first thing I would do is worry about the LOCK and replace it with an electric lock..." It did NOT say "If I wanted to SECURE A LOCK...".
My reply was to point out that the suggested strategy for securing a building would almost always be the wrong strategy. I agree that locks and methods of defeating them are intersting. Thanks, Donald ====================================================================== Donald E. Eastlake 3rd [EMAIL PROTECTED] 155 Beaver Street +1-508-634-2066(h) +1-508-851-8280(w) Milford, MA 01757 USA [EMAIL PROTECTED] On Mon, 27 Jan 2003, Faust wrote: > Date: Mon, 27 Jan 2003 13:57:30 +0000 > From: Faust <[EMAIL PROTECTED]> > To: Donald Eastlake 3rd <[EMAIL PROTECTED]> > Cc: Pete Chown <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > Subject: Re: [IP] Master Key Copying Revealed (Matt Blaze of ATT Labs) > > > > You are coming at this from a software/computer mindset that just isn't > > applicable to this sort of physical world security. > > > Matt's paper was about _locks_. > In case you have forgotten, the title was "Cryptology and Physical Security: > Rights Amplification in Master-Keyed Mechanical Locks". > > To weakly criticize his paper because it did not talk about the cost of > fabrication or physical tolerances misses the point entirely. > > There _are_ situations where information leakage is of concern. > > I can imagine other applications of Matt's methods to other forms of > physical security. > > In any case, it is intrinsically interesting > > In practice, social engineering is far easier to use to access secure premises. > Bribe a guard, go to bed with a person with access etc.. > However, that is not the proper domain of a study of rights amplification. > > --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]