* Steven M. Bellovin:
> I'd have phrased it differently than Perry did. I'd say that the
> attackers are often cleverer *about security* than protocol designers,
> because insecurity is their specialty.
I think this misses the point. Hardly anybody attacks protocols. In
fact, I think that th
>From: "Steven M. Bellovin" <[EMAIL PROTECTED]>
>Sent: Aug 5, 2005 12:04 PM
>To: Steve Furlong <[EMAIL PROTECTED]>
>Cc: cryptography@metzdowd.com
.Subject: Re: draft paper: "Deploying a New Hash Algorithm"
...
>I'd have phrased it differen
In message <[EMAIL PROTECTED]>, Steve Furlong writes:
>> [Moderator's note: ... attackers are often cleverer than protocol
>> designers. ...
>
>Is that true? Or is it a combination of
>
>(a) a hundred attackers for every designer, and
>(b) vastly disparate rewards: continued employment and maybe so
> [Moderator's note: ... attackers are often cleverer than protocol
> designers. ...
Is that true? Or is it a combination of
(a) a hundred attackers for every designer, and
(b) vastly disparate rewards: continued employment and maybe some
kudos for a designer or implementer, access to $1,000,000,
Steve,
At 05:34 PM 7/29/2005 -0400, Steven M. Bellovin wrote:
In message <[EMAIL PROTECTED]>, Alex Alten
write
s:
>At 08:12 AM 7/25/2005 -0400, Steven M. Bellovin wrote:
>>In message <[EMAIL PROTECTED]>, Alex Alten
>>write
>>s:
>> >Steve,
>> >
>> >This also seems to be in conjunction with the p
In message <[EMAIL PROTECTED]>, Alex Alten write
s:
>Steve,
>
>This also seems to be in conjunction with the potential switch over from
>RSA et al. to
>ECC for PKI, etc.
>
Yes, Eric and I have been talking about that, and we'll add some
discussion of that to the next version of the paper.