[cryptography] Math corrections [was: Let's go back to the beginning on this]
arshad.noor at strongauth.com
Sun Sep 18 00:59:01 EDT 2011
On 09/17/2011 09:14 PM, Chris Palmer wrote:
> Thus, having more signers or longer certificate chains does not reduce the probability of failure; it gives attackers more chances to score a hit with (our agreed-upon hypothetical) 0.01 probability. After just 100 chances, an attacker is all but certain to score a hit.
Agreed. But, that is just a consequence of the numbers involved.
The real problem, however, is not the number of signers or the length
of the cert-chain; its the quality of the "certificate manufacturing"
More information about the cryptography