[cryptography] preventing protocol failings
iang at iang.org
Mon Jul 4 20:01:20 EDT 2011
On 5/07/11 9:28 AM, Sampo Syreeni wrote:
> (I'm not sure whether I should write anything anytime soon, because of
> Len Sassaman's untimely demise. He was an idol of sorts to me, as a guy
> who Got Things Done, while being of comparable age to me. But perhaps
> it's equally valid to carry on the ideas, as a sort of a nerd eulogy?)
I don't think I ever met Len, but his words were wise.
> Personally I've slowly come to believe that options within crypto
> protocols are a *very* bad idea.
I think this is an idea whose time may be coming. You might enjoy my
Especially H1 and H3.
> Overall. I mean, it seems that pretty
> much all of the effective, real-life security breaches over the past
> decade have come from protocol failings, if not trivial password ones.
> Not from anything that has to do with hard crypto per se.
> So why don't we make our crypto protocols and encodings *very* simple,
> so as to resist protocol attacks? X.509 is a total mess already, as
> Peter Gutmann has already elaborated in the far past. Yet OpenPGP's
> packet format fares not much better; it might not have many cracks as of
> yet, but it still has a very convoluted packet structure, which makes it
> amenable to protocol attacks. Why not fix it into the simplest,
> upgradeable structure: a tag and a binary blob following it?
Yeah. Plus compatibility issues.
> Not to mention those interactive protocols, which are even more
> difficult to model, analyze, attack, and then formally verify. In Len's
> and his spouse's formalistic vein, I'd very much like to simplify them
> into a level which is amenable to formal verification. Could we perhaps
> do it? I mean, that would not only lead to more easily attacked
> protocols, it would also lead to more security...and a eulogy to one of
> the new cypherpunks I most revered.
(I for one am not thrilled about formal verification, but if our goals
meet, we can be flexible on the motives.)
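
Added example, not part of the original post or of any project mentioned in it: a strict decoder for the "tag and a binary blob" structure proposed in the quoted text, with no optional encodings. The 1-byte tag, 4-byte big-endian length prefix, size cap and tag registry are assumptions, since the thread specifies no layout.

```python
import struct

# Assumed layout (not specified in the thread): 1-byte tag, 4-byte big-endian
# length, then exactly that many blob bytes. One encoding per value, no options.
HEADER = struct.Struct(">BI")
MAX_BLOB = 1 << 20  # hypothetical cap so a forged length cannot exhaust memory
KNOWN_TAGS = {1: "pubkey", 2: "signature", 3: "payload"}  # hypothetical registry


class ParseError(ValueError):
    pass


def encode(tag: int, blob: bytes) -> bytes:
    if tag not in KNOWN_TAGS or len(blob) > MAX_BLOB:
        raise ParseError("tag or length not allowed")
    return HEADER.pack(tag, len(blob)) + blob


def decode_all(data: bytes) -> list[tuple[int, bytes]]:
    """Parse a whole buffer of records; reject anything not exactly well-formed."""
    records, offset = [], 0
    while offset < len(data):
        if len(data) - offset < HEADER.size:
            raise ParseError(f"truncated header at offset {offset}")
        tag, length = HEADER.unpack_from(data, offset)
        offset += HEADER.size
        if tag not in KNOWN_TAGS:
            raise ParseError(f"unknown tag {tag}")  # fail closed, never skip
        if length > MAX_BLOB:
            raise ParseError(f"length {length} exceeds cap")
        if length > len(data) - offset:
            raise ParseError("blob runs past end of input")
        records.append((tag, data[offset:offset + length]))
        offset += length
    return records


# Constructed sample input: two records back to back.
SAMPLE = encode(1, b"\x01\x02\x03") + encode(3, b"hello")

if __name__ == "__main__":
    print(decode_all(SAMPLE))
    # Truncated blob, trailing garbage, and an unknown tag are all rejected.
    for bad in (SAMPLE[:-1], SAMPLE + b"\x00", b"\x09" + SAMPLE[1:]):
        try:
            decode_all(bad)
        except ParseError as exc:
            print("rejected:", exc)
```

Because each (tag, blob) pair has exactly one byte representation, re-encoding the decoded records reproduces the input, which leaves no room for two parsers to read the same bytes differently.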