Re: solving the wrong problem

2005-08-09 Thread Daniel Carosone
On Tue, Aug 09, 2005 at 01:04:10AM +1200, Peter Gutmann wrote:
> That sounds a bit like unicorn insurance
> [..]
> However, this is slightly different from what Perry was suggesting.
> There seem to be at least four subclasses of problem here:
>
> 1. ??? : A solution based on a misunderstanding of what the real problem is.
>
> 2. Unicorn insurance: A solution to a nonexistent problem.
>
> 3. ???: A solution to a problem created artificially in order to justify its
>    solution (or at least to justify publication of an academic paper
>    containing a solution).
>
> 4. PKI: A solution in search of a problem.

Nice list, and terms for the remaining ??? cases would be nice, but
I'm not sure that any of these captures one essential aspect of the
problem Perry mentioned, at least as I see it.

One of the nice aspects of the snake oil description is the
implications it has about the dodgy seller, rather than the product.
To my view, much of the Quantum Cryptography (et al) discussion has
this aspect: potentially very cool and useful technology in other
circumstances, but being sold into a market not because they
particularly need it, but just because that's where the money is.
Certainly, that's the aspect I find most objectionable, and thus
deserving of a derogatory term, rather than just general frustration
at naive user stupidity.

None of the terms proposed so far capture this aspect.  The specific
example given doesn't quite fit anywhere on your list.  It's somewhere
between #3 and #4; perhaps it's a #4 with a dodgy salesman trying to
push it as a #3 until a better problem is found for it to solve?

I was going to suggest porpoise oil (from not fit-for-purpose),
but how about unicorn oil - something that may well have some
uncertain magical properties, but still sold under false pretenses,
and not really going to cure your ills?

--
Dan.





Re: solving the wrong problem

2005-08-09 Thread Russell Nelson
Perry E. Metzger writes:
> Anyone have a good phrase in mind that has the right sort of flavor
> for describing this sort of thing?

Well, I've always said that crypto without a threat model is like
cookies without the milk.

-- 
--My blog is at blog.russnelson.com | In a democracy the rulers
Crynwr sells support for free software  | PGPok | are older versions of the
521 Pleasant Valley Rd. | +1 315-323-1241   | popular kids from high
Potsdam, NY 13676-3213  |   | school.  --Bryan Caplan

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: solving the wrong problem

2005-08-09 Thread Peter Gutmann
Peter Fairbrother [EMAIL PROTECTED] writes:
> Peter Gutmann wrote:
>> Peter Fairbrother [EMAIL PROTECTED] writes:
>>> Didn't the people who did US/USSR nuclear arms verification do something
>>> very similar, except the characterised surface was sparkles in plastic
>>> painted on the missile rather than paper?
>>
>> Yes.  The intent was that forging the fingerprint on a warhead should cost as
>> much or more than the warhead itself.
>
> Talking of solving the wrong problem, that's a pretty bad metric - forging
> should cost the damage an extra warhead would do, rather than the cost of an
> extra warhead. That's got to be in the trillions, rather than a few hundred
> thousand for another warhead.

The cost was US$12M per warhead.  I think that's sufficient.

Peter.



Two results on SHA-256 in progress

2005-08-09 Thread Mads Rasmussen


I haven't seen this announced anywhere, so here it goes:

http://www.cosic.esat.kuleuven.be/WeWorc/allAbstracts.pdf

Collisions for simplified variants of SHA-256
Krystian Matusiewicz and Josef Pieprzyk
pp. 140

Preliminary Analysis of the SHA-256 Message Expansion
Norbert Pramstaller and Christian Rechberger and Vincent Rijmen
pp. 145

Still work in progress, these two papers are just appetizers ;-)


--
Mads Rasmussen
Security Consultant
Open Communications Security
+55 11 3345 2525





Re: solving the wrong problem

2005-08-09 Thread Anne Lynn Wheeler
John Denker wrote:
> That's an interesting topic for discussion, but I don't think
> it answers Perry's original question, because there are plenty
> of situations where the semblance of protection is actually a
> cost-effective form of security.  It's an example of statistical
> deterrence.

i've frequently used a metaphor about a bank vault door installed in the
middle of an open field.
http://www.garlic.com/~lynn/aadsm15.htm#9 Is cryptography where security
took the wrong branch?
http://www.garlic.com/~lynn/2002l.html#12 IEEE article on intelligence
and security
http://www.garlic.com/~lynn/2003h.html#26 HELP, Vulnerability in Debit
PIN Encryption security, possibly
http://www.garlic.com/~lynn/2003n.html#10 Cracking SSL

the other metaphor is the one about if all you have is a hammer, then
all problems become nails.

and for some of the PKI related ... frequently they start out claiming
the answer is PKI ... before asking what the problem is.

one of the current issues is that some financial operations are using a
value for a userid-like capability and at the same time using the same
value as a password-like capability. userid requires fairly high
security integrity ... aka from PAIN

* privacy
* authentication
* integrity
* non-repudiation

and the userid capability also requires fairly general availability in
order to establish permissions and as the basis for other business
operations.

however, the password capability requires very high privacy and
confidentiality. the result is relatively high diametrically opposing
use criteria ... high integrity and generally available ... vis-a-vis
high confidentiality.

pure encryption might claim that they could meet the high
confidentiality requirements ... but that then tends to break all the
generally available requirements for its userid function (and/or
exposing it in the clear for all its business use operations creates
enormous number of points for the value to leak out)

the fundamental threat model then turns out not to be there isn't enuf
encryption ... the fundamental threat model is a dual-use compromise ...
where the same information is being used to select permissions (aka
userid) and needs to be generally available ... while at the same time
serving as a password (for authentication).

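The dual-use compromise described in the message above, as an added example that is not part of the original post: it compares what a party holding only business records can get authorized when the account number doubles as the authenticator, and when authentication uses a separate secret. The account number, key, HMAC-based authenticator and all function names are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data; the account number and key are made up.
ACCOUNTS = {"4000-0000-0001": {"balance": 500}}
ACCOUNT_KEYS = {"4000-0000-0001": b"constructed-demo-key"}  # owner and issuer only
SEEN_TXN_IDS = set()


def authorize_dual_use(account, amount):
    """Dual-use design: presenting the account number is the authentication."""
    acct = ACCOUNTS.get(account)
    return acct is not None and amount <= acct["balance"]


def sign_txn(key, txn_id, account, amount, payee):
    """Owner side: authenticate one specific transaction with a separate secret."""
    msg = f"{txn_id}|{account}|{amount}|{payee}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def authorize_separated(txn_id, account, amount, payee, tag):
    """Separated design: the account number only selects the account and key."""
    acct, key = ACCOUNTS.get(account), ACCOUNT_KEYS.get(account)
    if acct is None or key is None or amount > acct["balance"]:
        return False
    if txn_id in SEEN_TXN_IDS:  # an already-processed transaction is refused
        return False
    ok = hmac.compare_digest(sign_txn(key, txn_id, account, amount, payee), tag)
    if ok:
        SEEN_TXN_IDS.add(txn_id)
    return ok


def what_a_log_reader_can_do():
    """Compare what someone holding only business records can get authorized."""
    SEEN_TXN_IDS.clear()
    acct = "4000-0000-0001"
    tag = sign_txn(ACCOUNT_KEYS[acct], "t1", acct, 20, "shop-a")
    legit = authorize_separated("t1", acct, 20, "shop-a", tag)
    # The business record: generally available, so assume it leaks in full.
    log = {"txn_id": "t1", "account": acct, "amount": 20, "payee": "shop-a", "tag": tag}
    return {
        "legitimate_accepted": legit,
        "dual_use_new_txn": authorize_dual_use(log["account"], 400),
        "separated_new_txn": authorize_separated(
            "t2", log["account"], 400, "other", log["tag"]),
        "separated_replay": authorize_separated(
            log["txn_id"], log["account"], log["amount"], log["payee"], log["tag"]),
    }
```

In the separated design the identifier can stay generally available for business operations, because nothing in the record is sufficient to authenticate a different transaction.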


Re: solving the wrong problem

2005-08-09 Thread Ilya Levin
Dave Howe wrote:
>> Nonsense fence maybe less metaphoric but more clear.
> I disagree - one picket fence gives a clear impression of a protective device
> that is hardened at but one point - leaving the rest insecure. nonsense fence
> doesn't give any real image.

Perhaps, but sometimes rubbish just better be named rubbish without
any metaphorical allusions. For everyone's good.

-- 
Ilya Levin
http://www.literatecode.com



spyware targets bank customers. news at 11.

2005-08-09 Thread Perry E. Metzger

   A major identity theft ring has been discovered that affects up to 50
banks, according to Sunbelt Software, the security company that says
it uncovered the operation. The operation, which is being
investigated by the FBI, is gathering personal data from
thousands of machines using keystroke-logging software, Sunbelt
said Monday.

http://news.com.com/ID+theft+ring+hits+50+banks%2C+firm+says/2100-7349_3-5823591.html

(Hat tip to Adam Fields for pointing this one out to me.)

Perry
