Re: Is cryptography where security took the wrong branch?
In message [EMAIL PROTECTED], Ian Grigg [EMAIL PROTECTED] wrote: For example, he states that 28% of wireless networks use WEP, and 1% of web servers use SSL, but doesn't explain why SSL is a success and WEP is a failure :-) Actually, he does; slide 11 is titled Why has SSL succeeded?, and slide 23 is titled The WEP Debacle. Also, although speakers often do nothing more than read what's on the screen, a talk does ideally involve more content than is on the slides. I would agree that HTTPS has been more successful than WEP, in the sense of providing defense against real threats. HTTPS actually defends against some real attacks, providing an effective answer to a clearly defined problem: preventing the exposure of sensitive information such as credit card numbers, even in the face of eavesdropping and server impersonation. This is only one threat model and maybe not the most realistic one, but HTTPS does define it and address it. Meanwhile, WEP is too weak to prevent any attacks; and even if it were not cryptographically weak, its stone-age key management would make it a poor tool for any network with more than a handful of users. A very relevant question is why WEP has been so much more widely deployed than HTTPS. Eric Rescorla is correct that people choose whether to use security measures or not based mostly on how convenient they are, not on how much they need them. In this sense, HTTPS is a failure; although it is effective, it is so difficult to use that almost no one bothers unless credit card numbers are involved. Security needs to be easy, or people will just put up with losses instead. One thing he doesn't stress is design by committee v. design by small focused team. Much of SSL and SSH's strengths are that they were designed and deployed quickly and cheaply (and insecurely!) so as to tap into real needs real quickly. I would suggest that any security protocol designed by a committee has a low survivability rating. In fact, early versions of both SSL and SSH had extensive flaws; it took many people to evolve them into their present states. *All* security protocols have low survivability ratings. Inventing a new protocol is extremely hazardous. -- Shields. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Is cryptography where security took the wrong branch?
In message [EMAIL PROTECTED], Ian Grigg [EMAIL PROTECTED] wrote: One thing that has been on my mind lately is how to define success of a crypto protocol. There are two needs a security protocol can address. One is the need to prevent or mitigate real attacks; the other is to make people feel less afraid. HTTPS might or might not have addressed a major problem, but it did address a major fear. Many people -- not only consumers, but also merchants, issuing banks, and processing companies -- were concerned about using credit card numbers on the Internet in 1995, when there was no viable way to buy anything online. Netscape designed an effective protocol, deployed it widely, and made it visible to end-users. It offered a credible promise that you could trust your session without trusting the network, and that's what made people willing to do large-scale online commerce and banking. This is not to be underestimated. At the same time, Netscape put visible crypto into the hands of people who had never used crypto before, and in many cases had never even owned a computer before. This did a great deal to counter the rhetoric about encryption being a tool for drug dealers and child pornographers. The physical security industry has known for a long time that if you want something deployed, you shouldn't be looking at what problems are interesting or even at what problems people actually have. You should be looking at what makes people afraid. Fear drives deployment. -- Shields. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Beware of /dev/random on Mac OS X
In message [EMAIL PROTECTED], Peter Hendrickson [EMAIL PROTECTED] wrote: Apple apparently only accepts bug reports from members of the Apple Developers Connection. If any such members are on this list, it might be a good idea to submit a report: https://bugreport.apple.com/cgi-bin/WebObjects/RadarWeb.woa Membership in ADC is available in both free and paid versions. You can set up an account for the free version at: http://connect.apple.com/ -- Shields. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]