[Cfrg] When in doubt, err on the side of security

"Igoe, Kevin M." <kmigoe@nsa.gov> Mon, 20 October 2014 18:37 UTC

Return-Path: <kmigoe@nsa.gov>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA5091A6F53 for <cfrg@ietfa.amsl.com>; Mon, 20 Oct 2014 11:37:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hb-Cy8-MXZDI for <cfrg@ietfa.amsl.com>; Mon, 20 Oct 2014 11:37:21 -0700 (PDT)
Received: from emvm-gh1-uea09.nsa.gov (emvm-gh1-uea09.nsa.gov [63.239.67.10]) by ietfa.amsl.com (Postfix) with ESMTP id 56DD61A1B92 for <cfrg@irtf.org>; Mon, 20 Oct 2014 11:37:21 -0700 (PDT)
X-TM-IMSS-Message-ID: <6f2db0180015b385@nsa.gov>
Received: from MSHT-GH1-UEA01.corp.nsa.gov ([10.215.227.18]) by nsa.gov ([63.239.67.10]) with ESMTP (TREND IMSS SMTP Service 7.1; TLSv1/SSLv3 AES128-SHA (128/128)) id 6f2db0180015b385 ; Mon, 20 Oct 2014 14:41:56 -0400
Received: from MSMR-GH1-UEA05.corp.nsa.gov (10.215.228.28) by MSHT-GH1-UEA01.corp.nsa.gov (10.215.227.18) with Microsoft SMTP Server (TLS) id 14.2.347.0; Mon, 20 Oct 2014 14:37:20 -0400
Received: from MSMR-GH1-UEA03.corp.nsa.gov ([10.215.224.3]) by MSMR-GH1-UEA05.corp.nsa.gov ([10.215.228.28]) with mapi id 14.02.0347.000; Mon, 20 Oct 2014 14:37:20 -0400
From: "Igoe, Kevin M." <kmigoe@nsa.gov>
To: "cfrg@irtf.org" <cfrg@irtf.org>
Thread-Topic: When in doubt, err on the side of security
Thread-Index: Ac/slOLKVUxRHjqnToG6XRIn8WzXyg==
Date: Mon, 20 Oct 2014 18:37:19 +0000
Message-ID: <3C4AAD4B5304AB44A6BA85173B4675CABC705962@MSMR-GH1-UEA03.corp.nsa.gov>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.215.225.46]
Content-Type: multipart/alternative; boundary="_000_3C4AAD4B5304AB44A6BA85173B4675CABC705962MSMRGH1UEA03cor_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/AEfz1ydv2t8wGMFaRSVqYYwIEcc
Subject: [Cfrg] When in doubt, err on the side of security
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Oct 2014 18:37:23 -0000

Once a security primitive has been selected, Moore's law will naturally improve its
performance with the passage of time.   But Moore's law and advances in
cryptanalysis will only erode its security (measured in the money needed to run
the attack).  Bottom line: err on the side of security.


----------------+--------------------------------------------------
Kevin M. Igoe   | "We can't solve problems by using the same kind
kmigoe@nsa.gov  | of thinking we used when we created them."
                |              - Albert Einstein -
----------------+--------------------------------------------------