Re: [Cfrg] Cryptographic meta-principles

Santosh Chokhani <SChokhani@cygnacom.com> Thu, 24 May 2012 16:52 UTC

Return-Path: <SChokhani@cygnacom.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1682A21F862B for <cfrg@ietfa.amsl.com>; Thu, 24 May 2012 09:52:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0T3I8DTmuKzx for <cfrg@ietfa.amsl.com>; Thu, 24 May 2012 09:52:39 -0700 (PDT)
Received: from ipedge1.cygnacom.com (ipedge1.cygnacom.com [216.191.252.12]) by ietfa.amsl.com (Postfix) with ESMTP id 1DD4C21F84FF for <cfrg@irtf.org>; Thu, 24 May 2012 09:52:38 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.75,652,1330923600"; d="scan'208";a="5099425"
Received: from unknown (HELO scygexch7.cygnacom.com) ([10.4.60.22]) by ipedge1.cygnacom.com with ESMTP; 24 May 2012 12:52:15 -0400
Received: from scygexch7.cygnacom.com ([::1]) by scygexch7.cygnacom.com ([::1]) with mapi; Thu, 24 May 2012 12:52:14 -0400
From: Santosh Chokhani <SChokhani@cygnacom.com>
To: "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>, Vadym Fedyukovych <vf@unity.net>, "cfrg@irtf.org" <cfrg@irtf.org>
Date: Thu, 24 May 2012 12:52:13 -0400
Thread-Topic: [Cfrg] Cryptographic meta-principles
Thread-Index: Ac05ap5/cMYwIwtrRFalVbqsSIoS1AAYFCEAAACiWcA=
Message-ID: <B83745DA469B7847811819C5005244AF0F6628BB@scygexch7.cygnacom.com>
References: <80F9AC969A517A4DA0DE3E7CF74CC1BB425C1D@MSIS-GH1-UEA06.corp.nsa.gov><CAGj8prh7zO2RRKy84-6NRNL+Kv70duhy007VKM+dUnMWtQeW1A@mail.gmail.com> <20120524050339.GL19329@unity.net> <EE0C2F9E065E634B84FC3BE36CF8A4B209907CFD@xmb-sjc-23e.amer.cisco.com>
In-Reply-To: <EE0C2F9E065E634B84FC3BE36CF8A4B209907CFD@xmb-sjc-23e.amer.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [Cfrg] Cryptographic meta-principles
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 May 2012 16:52:40 -0000

Simply stated one is "computational complexity" and the other is "software/system complexity"

-----Original Message-----
From: cfrg-bounces@irtf.org [mailto:cfrg-bounces@irtf.org] On Behalf Of Scott Fluhrer (sfluhrer)
Sent: Thursday, May 24, 2012 12:41 PM
To: Vadym Fedyukovych; cfrg@irtf.org
Subject: Re: [Cfrg] Cryptographic meta-principles



-----Original Message-----
From: cfrg-bounces@irtf.org [mailto:cfrg-bounces@irtf.org] On Behalf Of Vadym Fedyukovych
Sent: Thursday, May 24, 2012 1:04 AM
To: cfrg@irtf.org
Subject: Re: [Cfrg] Cryptographic meta-principles

On Wed, May 23, 2012 at 03:20:32PM -0700, G?? Weijers wrote:
> > 2.       Needless complexity is the enemy of security.
> 
> Even if the complexity is unavoidable: it's _still_ the enemy of security.

At the same time, complexity of computational Diffie-Hellman problem often is the basis of security.

Actually, we're talking about two aspects of "complexity":

- Kevin, Steve and Marshall are talking about complexity from the implementation's (the "good guys") point of view.  The idea here is that if you have a cryptographical system with a lot of moving parts, well, then there's a lot that can go wrong.  In contrast, a simple system is considerably easier to analyze to make sure that there wasn't anything we missed.  Remember, it is implementation mistakes, not cryptographical issues, that are far more likely to cause actual security problems

- You are talking about complexity from the attacker's (the "bad guys") point of view.  We don't mind at all making his job harder; in fact, that's rather the goal.

> 
> --
_______________________________________________
Cfrg mailing list
Cfrg@irtf.org
http://www.irtf.org/mailman/listinfo/cfrg
_______________________________________________
Cfrg mailing list
Cfrg@irtf.org
http://www.irtf.org/mailman/listinfo/cfrg