Date: Sat, 14 Sep 2002 22:27:33 -0600 From: Duncan Campbell <campbell@tagish.taiga.ca> To: freebsd-security@FreeBSD.ORG Subject: Crypto Message-ID: <200209150427.WAA00171@tagish.taiga.ca>
This is a short primer on crypto: what it can and can't do.

1. There are no permanent secrets. If you want to keep something secret, DON'T TELL ANYONE. More to the point, it is theoretically possible to use the kind of analytical tools available in quantum mechanics to disclose the _semantic content_ (the meaning) of any encrypted data. This means that while your credit card number is probably safe for some time to come, discussions about U233 and fissile weapons are not. And it doesn't matter whether you call it "red mercury", uranium 233 or "chikita bananas", it will be seen all the same. This also means that if you are into child prostitution or snuff films, or just offing someone, you should stay far away from the internet, because if someone looks, you will be found.

2. What matters is temporal security and authority: keeping the Bad Guys from knowing what you are going to do until after it is done, and knowing who has said what when. Cryptography is necessary, but by itself insufficient, for this.

3. Authority is more important than secrecy. A basis of human society is authoritative knowledge: we know little or nothing about the universe we live in, and we know only slightly more about ourselves. So it helps to know who said what, when. Digital signatures, such as those provided by PGP, can do this for you and your organization.

4. Most breaches of computer/systems security DO NOT result from crypto hacks. They result from:
   a. errors in the programmatic glue between what you are doing and the actual crypto you are using. Some systems have intentional holes left in the system logic allowing this to happen (e.g. Back-Orifice).
   b. not setting the system up right to begin with.
   c. telling the wrong folks the passwords.

5. Current cost-benefit makes it cheaper to break your legs (or fuck with your woman) than to bother breaking anything more than a 40-bit key. And there are many more experts in these areas than in cryptography, and they have a long tradition of getting what they want.

6. The difference between no encryption, low encryption and high encryption is the same as your chances of winning PowerBall with no ticket, one ticket or ten tickets. That is to say, your legs will get broken long before your crypto-keys, even if they are only 56 bits.

7. Using your credit card on the internet is no different from using it at a bar: check your statement at the end of the month. If it doesn't line up, call someone.