Firewall Wizards mailing list archives
Re: The Mathematics of Relative Security
From: Crispin Cowan <crispin () immunix com>
Date: Wed, 22 Sep 2004 21:22:24 -0700
Chris Pugrud wrote:
That is not quite correct: security *can* be proven. Turing's Halting Problem says that you cannot build a general-case security proving program, because the proof is based on diagonalization, i.e. apply the prover to itself.--- Crispin Cowan <crispin () immunix com> wrote:More succinctly, if you ask the question "am I secure?" in a highly rigorous fashion, the likely answer is "Hell no" :)This is distinctly the intuitively obvious answer. The more rigourous answer is that only insecurity can be proven, testing security reduces to the halting problem.
However, in the cases where you can prove security, the costs of proving it are astronomical, and the costs of achieving that security are pretty high too.
Consider using graph theory instead of set theory, as it at least has a built-in notation for directionality on edges.TCP also introduces a wrinkle that is not easily covered by the set theory I have learned, or I'm missing something - the concept of one-way membership.
Crispin -- Crispin Cowan, Ph.D. http://immunix.com/~crispin/ CTO, Immunix http://immunix.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- The Mathematics of Relative Security Chris Pugrud (Sep 21)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 21)
- Re: The Mathematics of Relative Security Chris Pugrud (Sep 22)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 27)
- Re: The Mathematics of Relative Security Mark Tinberg (Sep 27)
- Re: The Mathematics of Relative Security R. DuFresne (Sep 30)
- Re: The Mathematics of Relative Security Chris Pugrud (Sep 22)
- Re: The Mathematics of Relative Security Adam Shostack (Sep 27)
- Re: The Mathematics of Relative Security Crispin Cowan (Sep 21)
- Re: The Mathematics of Relative Security John Adams (Sep 22)