[cryptography] preventing protocol failings
Kevin W. Wall
kevin.w.wall at gmail.com
Wed Jul 13 08:11:48 EDT 2011
On Wed, Jul 13, 2011 at 2:02 AM, Ian G <iang at iang.org> wrote:
> On 13/07/11 3:10 AM, Hill, Brad wrote:
>> Re: H3, "There is one mode and it is secure"
>> I have found that when H3 meets deployment and use, the reality too often
>> becomes: "Something's gotta give." We haven't yet found a way to hide
>> enough of the complexity of security to make it free, and this inevitably
>> causes conflicts with goals like adoption.
>> An alternate or possibly just auxiliary hypothesis I've been promoting on
>> how to respond to these pressures is:
>> "Build two protocols and incentivize."
>> That is:
>> Recognize in advance that users will demand an insecure mode and give
>> it to them.
> I've heard of users demanding easy modes, but never demanding insecure modes
Well, I wouldn't necessary count these as "users" perhaps (at least
not the primary
users), but if you do, then I'm pretty sure that I recall the FBI
demanding such things. ;-)
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents." -- Nathaniel Borenstein
More information about the cryptography