[cryptography] preventing protocol failings

Ian G iang at iang.org
Wed Jul 13 02:01:27 EDT 2011

On 13/07/11 9:25 AM, Marsh Ray wrote:
> On 07/12/2011 04:24 PM, Zooko O'Whielacronx wrote:
>> On Tue, Jul 12, 2011 at 11:10 AM, Hill, Brad<bhill at paypal-inc.com>
>> wrote:
>>> I have found that when H3 meets deployment and use, the reality
>>> too often becomes: "Something's gotta give." We haven't yet found
>>> a way to hide enough of the complexity of security to make it
>>> free, and this inevitably causes conflicts with goals like
>>> adoption.
>> This is an excellent objection. I think this shows that most crypto
>> systems have bad usability in their key management (SSL, PGP). People
>> don't use such systems if they can help it, and when they do they
>> often use them wrong.
> But the entire purpose of securing a system is to deny access to the
> protected resource.

And that's why it doesn't work;  we end up denying access to the 
protected resource.

Security is just another function of business, it's not special.  The 
purpose of security is to improve the profitability of the resource. 
Protecting it is one tool to serve security & profits, and 
re-engineering it so it doesn't need any protection is another tool... 
There are many such tools :)

> In the case of systems susceptible to potential
> phishing attacks, we even require that the user themselves be the one to
> decline access to the system!
> Everyone here knows about the inherent security-functionality tradeoff.
> I think it's such a law of nature that any control must present at least
> some cost to the legitimate user in order to provide any effective
> security. However, we can sometimes greatly optimize this tradeoff and
> provide the best tools for admins to manage the system's point on it.

Not at all.  I view this as hubris from those struggling to make 
security work from a technical pov, from within the box.  Once you start 
to learn the business and the human interactions, you are looking 
outside your techie box.  From the business, you discover many 
interesting things that allow you to transfer the info needed to make 
the security look free.

A couple of examples:  Skype works because people transfer their 
introductions first over other channels, "hey, my handle is bobbob", and 
then secondly over the packet network.  It works because it uses the 
humans to do what they do naturally.

2nd.  When I built a secure payment system, I was able to construct a 
complete end-to-end public infrastructure without central points of 
trust (like with CAs).  And I was able to do it completely.  The reason 
is that the start of the conversation was always a. from person to 
person, and b. concerning a financial instrument.  So the financial 
instrument was turned into a contract with embedded crypto keys.  Alice 
hands Bob the contract, and his software then bootstraps to fully 
secured comms.

> Hoping to find security "for free" somewhere is akin to looking for free
> energy. The search may be greatly educational or produce very useful
> related discoveries, but at the end of the day the laws of
> thermodynamics are likely to remain satisfied.


> Those looking for no-cost or extremely low-cost security either don't
> place a high value on the protected resource or, given the options they
> have imagined them, that they may profit more by the system being in the
> less secure state. Sometimes they haven't factored all the options into
> their cost-benefit analysis. Sometimes it never occurs to them that the
> cost of a security failure can be much much greater than the nominal
> value of the thing being protected (ask Sony).

No, it's much simpler than that:  denying someone security because they 
don't push the right buttons is still denying them security.  The 
summed benefit of internet security protocols typically goes up with the 
number of users, not with the reduction of flaws.  The techie view has 
it backwards.

> So even if you're a web site just selling advertising and your users'
> personal information, security is a feature that attracts and retains
> users, specifically those who value their _own_ stuff. (Hint hint: this
> is the kind with money to spend with your advertisers.) Smart people
> value their own time most of all and would find it a major pain to have
> to put everything back in order after some kind of compromise.

This is a curiosity to me;  has anyone actually figured out how to find 
a marketplace full of security conscious users?  Was there ever such a 
product where vendors successfully relied upon the users' good security 

> I hope there was a coherent point in all of that somewhere :-) I know
> I'm preaching to the choir but Brad seemed to be asking for arguments of
> this sort.


