[cryptography] philosophical question about strengths and attacks at impossible levels

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sat Nov 20 01:27:36 EST 2010

travis+ml-rbcryptography at subspacefield.org writes:
>Does the fact that parts of Stuxnet was signed by two valid certs
>count as a cryptographic failure?

The crypto worked perfectly, it was everything around it that failed.

(Which has been the case for every other security failure involving modern
crypto as well [0]).


[0] Just for the nitpickers, that means properly-designed crypto using non-toy

More information about the cryptography mailing list