[cryptography] Repeated Encryptions Considered.... ?
iang at iang.org
Tue Jun 21 17:14:50 EDT 2011
On 19/06/11 9:47 PM, Jon Callas wrote:
> On Jun 19, 2011, at 5:54 PM, Nico Williams wrote:
>> On Sun, Jun 19, 2011 at 7:01 PM, Jon Callas<jon at callas.org> wrote:
>>> That brings us back to the main question: what problem are you trying to solve?
>> one could forego the use of TLS if crypto were being applied at a
>> higher layer.
> Uh huh, but what problem are you trying to solve?
Nod. Multiple 2c follows.
The question of having two different layers doing encryption is 99% a
software engineering discussion, and it can only be answered by looking
at the whole thing. The old advice "don't double encrypt" came from
some crypto-think about serialising block ciphers and "groups", a very
(Alternatively, if your a fan of BitCoin's aggresive use of make-work,
then you'll have no problem with double, triple or N-tuple encryption :)
> Why not send *all* your network traffic over TLS?
The typical reasons for not using TLS would be (a) it's a
stream-oriented point-to-point protocol, whereas most activity is
app-level datagram-oriented, (b) it's too closely linked with PKI / x509
implementations, which is too clumsy in many ways, and (c) it only
delivers a relatively small subset of a fuller security model.
Which theory of course only makes any sense if one is prepared to
compete with TLS and do it all properly.
lot further towards datagram programming than the pre-JS 1990s school.
The temptation to throw out TLS is stronger as you get closer to the
datagram, and as you do more of a full security analysis. )
More information about the cryptography