At 20:17 18-11-2009 +0000, you wrote:
>On 2009-11-18, N. Coesel <[email protected]> wrote:
>> At 15:54 18-11-2009 +0000, you wrote:
>>>On 2009-11-18, David Brown <[email protected]> wrote:
>>>> N. Coesel wrote:
>>>
>>>>>> The old "security by obscurity" trick, that has /such/ a good reputation?
>>>>>
>>>>> Any means of security is security by obscurity by definition.
>>>>> All protection schemes come down to hiding a secret
>>>>> (obscurity). Whether it's a key, a secret algorithm, etc.
>>>>
>>>> The phrase "security by obscurity" is normally taken to mean
>>>> "security by hiding the way it works", i.e., trying to hide
>>>> the code or algorithm.
>>>
>>>Exactly. "Security by obscurity" does not refer to the fact
>>>that you need to keep a secret key a secret. It refers
>>>specifically to the dependence on keeping the design and
>>>implementation of the _algorithms_ a secret.
>>>
>>>Quoting Paul Schneier in _Secrets_&_Lies_:
>>>
>>> A good security design has no secrets in its details. In
>>> other words, all of the security is in the product itself
>>> and its changeable secret: the cryptographic keys, the
>>> passwords, the tokens and so forth. The antithesis is
>>> _security_by_obscurity_: The details of the system are
>>> part of the security. If a system is designed with
>>> security by obscurity then that security is delicate.
>>>
>>>Later in the same book:
>>>
>>> Again and again in this book I rail against _security_by_
>>> _obscurity_: proprietary cryptography, closed source code,
>>> secret operating systems.
>>>
>>>
>>>Security by obscurity doesn't work.
>>
>> Which is a big misconception!
>
>History appears to show otherwise.
If that were the case then tell me why our everyday life is filled with
applications that use the 'keep the lock secret' method? Let's start with
the PIN code on debit/credit cards, public travel payment systems and
access control systems. People that run those systems are not just
looking at technical possibilities, they also want a system with which
they can make a profit.

>> - If you make the way the lock works publicly available then you need a
>> complex lock and a big key. This security measure relies on the key staying
>> hidden and that it will take a long time to pick the lock.
>>
>> - If you keep the way the lock works secret,
>
>You can't. At least not for long.

Well, it took 15 years before someone hacked Mifare by peeling the chip.
People don't seem to be dumping Mifare so I guess we'll see Mifare around
for another 10 years. Not a problem because you can put AES encrypted
data onto a Mifare card which solves the entire issue.

Nico Coesel
