[cryptography] philosophical question about strengths and attacks at impossible levels
jon at callas.org
Fri Nov 19 18:46:44 EST 2010
> Does the fact that parts of Stuxnet was signed by two valid certs
> count as a cryptographic failure?
Of course not. Does it count as a DMV failure if a bank robber has a valid drivers license?
None of us have ever claimed that only good people can use cryptography. As a matter of fact, you'll find that most of us have criticized the assumption that a valid signature means truth, beauty, morality, or anything beyond a mathematical formula returning a 1.
You cannot produce trust with cryptography, no matter how much cryptography you use.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography