[cryptography] PKI - and the threat model is ...?
makrober at gmail.com
Mon Sep 12 14:45:46 EDT 2011
In my rather mundane world of corporate security, the threat model
must answer (at the very least) the following questions:
1) What is the upper bound of the loss of protected asset?
2) Who is the attacker and what are his capabilities?
3) What is the estimated cost of mounting a successful attack?
4) What is the expected profit from a successful attack?
5) What legal constraints are imposed on the protection methodology?
6) What is the upper bound of the cost of the design, deployment
and operation of the system?
I would refuse to design a system unless reasonably clear
answers to those questions are provided.
In the case of the "SSL system fix/replacement", I would suggest a
good starting point is to address (1) first with the following statement:
The system must protect browser/server communications expected in the
course of normal retail operations with each single transaction of
no more than $10k. The system is not expected to protect individual
liberty, life or limb, nor is it expected to protect high-value
monetary transactions, intellectual property assets, state secrets
or critical civic infrastructure operations.