[cryptome] Re: [cryptography] The Compromised Internet

  • From: coderman <coderman@xxxxxxxxx>
  • To: Tony Arcieri <bascule@xxxxxxxxx>
  • Date: Thu, 26 Sep 2013 01:32:01 -0700

On Wed, Sep 25, 2013 at 11:19 PM, coderman <coderman@xxxxxxxxx> wrote:
> On Wed, Sep 25, 2013 at 1:36 PM, Tony Arcieri <bascule@xxxxxxxxx> wrote:
>> ...
>> What threat are you trying to prevent that isn't already solved by the use
>> of cryptography alone?
> this is some funny shit right here...  LOL

someone pointed out that i might be an ass about a legitimate query.

here's a subset of all the things crypto alone does not protect:
- your source of entropy, upon which all secrets rely.
- your crypto implementation, which may leaks keys profusely out the side.
- the peers you crypto with; often the most important info.
- the complexity of attacking your crypted comms, which may be reduced
to a tractable search space due to architectural or design flaws
introduced by accident or $250,000,000 malicious intent.
- the data in motion or at rest, beyond your crypto boundaries.

i could go on...

Other related posts: