[cryptography] PKI - and the threat model is ...?

M.R. makrober at gmail.com
Mon Sep 12 14:45:46 EDT 2011


In my, rather mundane world of corporate security, the threat model
must answer (at the very least) the following questions:

1) What is the upper bound of the loss of protected asset?

2) Who is the attacker and what are his capabilities?

3) What is the estimated cost of mounting a successful attack?

4) What is the expected profit from a successful attack?

5) What legal constraints are imposed on the protection methodology?

6) What is the upper bound of the cost of the design, deployment
and operation of the system?

I would refuse to design a system unless a reasonably clear
answers to those questions is provided.

In case of the "SSL system fix/replacement", I would suggest the
good starting point is to address (1) first by the following statement:

The system must protect browser/server communications expected in the
course of normal retail operations with each single transaction of
no more than $10k. The system is not expected to protect individual
liberty, life or limb, nor is it expected to protect high-value
monetary transactions, intellectual property assets, state secrets
or critical civic infrastructure operations.

Mark R.




More information about the cryptography mailing list