[linux-elitists] GPG luser rant

Karsten M. Self kmself@ix.netcom.com
Fri Apr 13 12:26:01 PDT 2001


on Fri, Apr 13, 2001 at 01:25:58AM -0700, Joey Hess (joey@kitenet.net) wrote:
> Karsten M. Self wrote:

> My next point has elements of FUD, but, I fear, elements of truth too.
> Back in world war two, when crypto was fairly new, the worst way to
> destroy the usefulness of a cryptographic code was to use it
> incessantly, letting your enemy build up a large archive of data. They
> could then brute force crack it, or failing that, pounce on your first
> mistake and have a large body of data to work with. While current
> cryptosystems have a much sounder theoretical grounding, I firmly believe
> they will still be cracked one way or another, and it may well turn out
> that the more data you have, the easier it is to crack a given key. (This
> is certainly true for recently cracked systems, such as WEP.)

A second counterargument I'd meant to include in last night's post.

Even assuming that there is a compromise of an algorithm in common use
of a cryptographic system, if infrastructure for supporting cryptography
is in use, improved algorithms can be distributed throughout this
infrastructure.  A well-formed infrastructure provides both a
fundamental framework, and the ability to drop in specific methods, to
adapt to such issues.

And a third response which is occurring to me now:  cryptosystems tend to
get better under use, not worse -- as more attacks are tried, better
systems are devised.  Similar to the ESR mantra:  all bugs are shallow,
but really relying more on the parallelization of crypto attack avenues
-- as more are tried, methods for countering them are more likely to
emerge.

Cheers.

-- 
Karsten M. Self <kmself@ix.netcom.com>    http://kmself.home.netcom.com/
 What part of "Gestalt" don't you understand?       There is no K5 cabal
  http://gestalt-system.sourceforge.net/         http://www.kuro5hin.org