[Cfrg] Cryptographic meta-principles

"Igoe, Kevin M." <kmigoe@nsa.gov> Wed, 23 May 2012 14:31 UTC

Some cryptographic meta-principles. Feel free to disagree or make
additions. I think 2, 5, 7 and 8 are the most relevant to the CFRG.
I always found #1 useful in analyzing systems. Always ask "where have
we moved the risk?".

1. You can't eliminate risk, you can just move it around.

2. Needless complexity is the enemy of security.

3. There is no such thing as a secure algorithm, only a secure
system. Even the most "secure" algorithm, if used improperly, can be
worthless. Without the proper architecture, implementation, and
management we are effectively "putting bank vault doors on cardboard
boxes".

4. In the end everything comes down to a cost analysis: how much
does it cost an adversary to attempt to exploit a
given system and what is the adversary's expected gain from succeeding?
Our goal is to select cryptographic mechanisms and parameter sizes that
make the adversary's expected return on investment negative.

5. Moore's Law continually decreases an adversary's cost to attack
a system, so we must assume that eventually all parameter sizes will
need to be readjusted.

6. In the limit as the parameter size/number of rounds goes to
infinity, almost anything is secure. The art is in picking mechanisms
and parameter sizes that meet our needs efficiently.

7. As far as possible, we should strive to provide a cryptographic
environment that is both practical and stable.

8. We don't exist in a vacuum. We need to constantly monitor the
impact of current cryptographic practices on vendors and IETF working
groups, try to foresee emerging requirements, monitor the results being
produced by the cryptologic research community, and co-ordinate our
efforts with other standards bodies.

Strive to be simple, practical and consistent, but always be aware that
in the long run change is inevitable.

Kevin M. Igoe
kmigoe@nsa.gov
co-chair CFRG

"Everyone is entitled to their own opinions, but not to their own facts."
- Daniel Patrick Moynihan -