Security Basics mailing list archives
Re: Concepts: Security and Obscurity
From: Daniel Miessler <daniel () dmiessler com>
Date: Wed, 11 Apr 2007 00:51:43 -0400
On Apr 10, 2007, at 6:50 PM, Craig Wright wrote:
Please demonstrate your hypothetical controls. Stating your hypothesis in an untestable way does nothing to further the argument.
Control: Limiting access to a potentially vulnerable daemon by 99.9% of the Internet population. So legitimate users are allowed in without issue, while nobody else on the Internet even knows a daemon exists.
Cost: Configure your firewall device to handle PK or SPA and deploy the augmented client.
--In my view this is a big win for the organization if the technologies can be used. Not all infrastructures support PK or SPA technology yet, but one can imagine them being used for VPNs and a number of other applications.
But that isn't even the point: the point is that just because obscurity is used as part of the total approach does NOT mean the system is somehow weakened. Kerckhoffs' principle applies when security RESTS on secrecy, not when it's added as a layer on top of existing systems.
As an example, say you have a tested VPN system that gives 7 points of security (lame, but bear with me). You then add a layer of obscurity on top of it that gives an additional 2 points, so you have a total of 9. Well, if the obscurity of said system is compromised, what do you fall back to?
4? 2? No -- 5.5 is what you started with WITHOUT the layer, so you can't fall below that. This is true simply because the two layers are independent of each other. We're not talking about a cryptographic algorithm where the scrutiny of the algorithm is PART of the security itself.
In this case we're building a completely isolated and independent layer, and as such Kerckhoffs' principle does not apply. Again, 5 + 2 - 2 = 5, not less than 5.
-- Daniel Miessler E: daniel () dmiessler com W: http://dmiessler.com G: 0xDA6D50EAC
Attachment:
PGP.sig
Description: This is a digitally signed message part
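The "PK or SPA" control in the message above, written out as an added example (this is not code from the original post, nor from any particular port-knocking product). It is a minimal single-packet-authorization gate: the client sends one datagram carrying a client id, a timestamp, a random nonce and an HMAC over those three fields under a shared key; the gate verifies the tag in constant time, rejects stale or replayed packets, and only then adds the sender's source address to a short-lived allow list. Anything that fails a check is dropped silently, which is the property the post is after: a scanner that does not hold the key never gets a response, and the daemon behind the gate is never touched by the gate's own logic. The shared key, client name and IP addresses are constructed for the example.

```python
"""Minimal single-packet-authorization (SPA) gate, as an illustration.

Constructed example: a shared-secret HMAC over (client_id, timestamp, nonce).
A valid packet opens the firewall for the sender's source address for a
short window; everything else is dropped without a reply.
"""
import hashlib
import hmac
import secrets
from typing import Optional

WINDOW_SECONDS = 30   # accept packets whose timestamp is within +/- this many seconds
OPEN_SECONDS = 60     # how long a successful knock keeps the port open for that source


def make_spa_packet(key: bytes, client_id: str, now: int,
                    nonce: Optional[bytes] = None) -> bytes:
    """Build the payload the augmented client sends (e.g. in a single UDP datagram).

    Layout: client_id | unix_time | nonce_hex | hmac_sha256_hex
    Hex encoding keeps the '|' separator unambiguous.
    """
    nonce = nonce or secrets.token_bytes(16)
    body = b"|".join([client_id.encode(), str(now).encode(), nonce.hex().encode()])
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return body + b"|" + tag


class SpaGate:
    """Server side: verifies knocks and tracks which sources are currently allowed."""

    def __init__(self, key: bytes):
        self._key = key
        self._seen_nonces: dict = {}   # nonce_hex -> timestamp, for replay detection
        self._allowed: dict = {}       # src_ip -> expiry time

    def verify(self, packet: bytes, src_ip: str, now: int) -> bool:
        """Return True and open the gate for src_ip if the packet is valid, else False.

        Every failure path returns False without distinguishing the reason, so
        the sender learns nothing from a bad knock.
        """
        parts = packet.split(b"|")
        if len(parts) != 4:
            return False
        _client_id, ts_raw, nonce_hex, tag = parts
        body = b"|".join(parts[:3])
        expected = hmac.new(self._key, body, hashlib.sha256).hexdigest().encode()
        # Constant-time compare: a plain == would leak tag bytes via timing.
        if not hmac.compare_digest(tag, expected):
            return False
        try:
            ts = int(ts_raw)
        except ValueError:
            return False
        # Reject stale (or far-future) packets so a captured knock cannot be reused later.
        if abs(now - ts) > WINDOW_SECONDS:
            return False
        # Reject a nonce already seen inside the window (replay of a fresh capture).
        nonce = nonce_hex.decode("ascii", errors="replace")
        if nonce in self._seen_nonces:
            return False
        # Drop nonces too old to be accepted anyway, so the table stays bounded.
        self._seen_nonces = {n: t for n, t in self._seen_nonces.items()
                             if now - t <= WINDOW_SECONDS}
        self._seen_nonces[nonce] = ts
        self._allowed[src_ip] = now + OPEN_SECONDS
        return True

    def is_allowed(self, src_ip: str, now: int) -> bool:
        """What the firewall consults per connection: is this source currently open?"""
        expiry = self._allowed.get(src_ip)
        if expiry is None:
            return False
        if now >= expiry:
            del self._allowed[src_ip]   # window closed; back to the default-deny state
            return False
        return True


if __name__ == "__main__":
    key = b"constructed-shared-secret"            # constructed for the example
    gate = SpaGate(key)
    knock = make_spa_packet(key, "alice", 1000)
    print("valid knock accepted:", gate.verify(knock, "203.0.113.5", 1000))
    print("same packet replayed:", gate.verify(knock, "203.0.113.5", 1001))
    print("source open at t+30s:", gate.is_allowed("203.0.113.5", 1030))
    print("source open at t+60s:", gate.is_allowed("203.0.113.5", 1060))
    print("unknown source open:", gate.is_allowed("198.51.100.9", 1000))
```

Note what the gate does not do: it never looks at, proxies, or modifies traffic to the protected daemon, which is the sense in which the post calls the layer "independent". If the shared key leaks, the worst case is that the gate opens for anyone who has it, and the protected service is exactly as exposed as it was before the gate was added.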