[cryptography] preventing protocol failings

Kevin W. Wall kevin.w.wall at gmail.com
Wed Jul 13 08:11:48 EDT 2011

On Wed, Jul 13, 2011 at 2:02 AM, Ian G <iang at iang.org> wrote:
> On 13/07/11 3:10 AM, Hill, Brad wrote:
>> Re: H3, "There is one mode and it is secure"
>> I have found that when H3 meets deployment and use, the reality too often
>> becomes: "Something's gotta give."  We haven't yet found a way to hide
>> enough of the complexity of security to make it free, and this inevitably
>> causes conflicts with goals like adoption.
>> An alternate or possibly just auxiliary hypothesis I've been promoting on
>> how to respond to these pressures is:
>> "Build two protocols and incentivize."
>> That is:
>>    Recognize in advance that users will demand an insecure mode and give
>> it to them.
> I've heard of users demanding easy modes, but never demanding insecure modes
> :)

Well, I wouldn't necessary count these as "users" perhaps (at least
not the primary
users), but if you do, then I'm pretty sure that I recall the FBI
demanding such things. ;-)

Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We *cause* accidents."        -- Nathaniel Borenstein

More information about the cryptography mailing list