[cryptography] Crypto Vulns

Dave Horsfall dave at horsfall.org
Sat Mar 7 12:01:51 EST 2015


On Sat, 7 Mar 2015, Kevin wrote:

> > No 1 vulnerability of crypto is the user
> > 2nd passphrases
> > 3rd overconfidence
> > 4th trust in the producer
> > 5th believing backdoors are No. 1
> 
> I don't agree that the user should be first on that list unless you are 
> talking about poor implementation.

How would you arrange them, then?  I seem to recall that Enigma was broken 
largely due to sloppy user practices e.g. weak message key, re-use of 
keys, repeating same message with a weaker scheme, etc.  Used properly, 
Enigma would've been unbreakable at the time.

-- 
Dave Horsfall DTM (VK2KFU)  "Bliss is a MacBook with a FreeBSD server."
http://www.horsfall.org/spam.html (and check the home page whilst you're there)


More information about the cryptography mailing list