Dailydave mailing list archives
Re: Re: Hacking's American as Apple Cider
From: "I)ruid" <druid () caughq org>
Date: Fri, 23 Sep 2005 01:08:49 -0500
On Tue, 2005-09-20 at 19:38 -0400, Marcus J. Ranum wrote:
OK, I won't bore you with fleshing these out ad nauseam. But an expert castle-builder is going to understand the parameters for what are needed to build a strong castle. And, yes, technologies change. For example, there are all kinds of nice brick civil-war-era forts that were designed to withstand smoothbore cannon for months that would be battered to bits by rifled cannon in days. The reason they would still last days (instead of minutes) is because of engineering overhead in the assumptions about the wall thickness. Transformative shifts in attack paradigm may cause catastrophic failures. But they are few and far between. Incremental improvements in attacks should be within the engineering overhead of good design. Same applies with crypto or with other security systems. So, if you have a system that was designed well by someone who thought through the attack paradigms of the day, then testing it destructively is not going to make sense.
You use the term "crypto", it seems, as a reference to cryptography rather than cryptology, which as you properly describe is the design and engineering of cryptographic algorithms and protocols, but really is only one aspect of cryptology. There is a second aspect that I feel can be undeniably classified as "hacking" and which I personally feel is very, very cool. It's called cryptanalysis, which is essentially developing methods of breaking cryptography. I don't see how you can classify it as anything but "hacking", and without cryptanalysis you cannot prove the strength of your cryptography or the protection it provides. -- I)ruid, CĀ²ISSP druid () caughq org http://druid.caughq.org
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- RE: Default Deny on Executables, (continued)
- RE: Default Deny on Executables El Nahual (Sep 14)
- Re: Default Deny on Executables Dave Aitel (Sep 14)
- Re: Default Deny on Executables Andrew R. Reiter (Sep 14)
- Re: Default Deny on Executables Joel Eriksson (Sep 14)
- Re: Default Deny on Executables Blue Boar (Sep 14)
- Re: Re: Hacking's American as Apple Cider Marcus J. Ranum (Sep 20)
- Re: Re: Hacking's American as Apple Cider Jason Syversen (Sep 20)
- Science? (WAS: Hacking's American as Apple Cider) Barrie Dempster (Sep 21)
- Re: Re: Hacking's American as Apple Cider pageexec (Sep 21)
- Re: Re: Hacking's American as Apple Cider Marcus J. Ranum (Sep 21)
- Re: Re: Hacking's American as Apple Cider I)ruid (Sep 23)
- Re: Re: Hacking's American as Apple Cider byte_jump (Sep 23)
- RE: Re: Hacking's American as Apple Cider Paul Melson (Sep 12)