funsec mailing list archives

Re: Encryption is less secure than we thought

From: "Marc" <marc () marcd org>
Date: Fri, 16 Aug 2013 17:23:56 -0400

 

 

In my opinion, the title of the article is a bit misleading. It’s not the cryptography/encryption that’s the issue, 
it’s the protection of the key.  In most cases the key is a password/passphrase and not a long pseudo random key.  Key 
management is a critical part of cryptography that is often overlooked and is the weakest link in the chain.  So, in 
short – IMHO it’s not the cryptography – it’s the implementation that is the issue.  Of course, other issues are also 
present, like using table lookups in AES to enhance performance, which also weakens the cryptography, for instance; but 
poor key management is the easiest thing one can do to screw up otherwise good cryptography.  Just my observation and 
opinion.

 

Marc

 

From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Daniël W. Crompton
Sent: Friday, August 16, 2013 15:58
To: funsec
Subject: [funsec] Encryption is less secure than we thought

 

 

http://www.mit.edu/newsoffice/2013/encryption-is-less-secure-than-we-thought-0814.html


 

What do you think?

 

-- 

blaze your trail

-- 
Daniël W. Crompton <daniel.crompton () gmail com>

 

 
<https://app.yesware.com/tl/9c9e8bb890b2c61ccf5ccb1efbfd0ea222e4bce5/38a9dc2afe5214eef82c1b699637c9cd/8c60c2fc129bb1c6c391a639fdc1da58?ytl=http%3A%2F%2Fspecialbrands.net%2F>
 


 
<https://app.yesware.com/tl/9c9e8bb890b2c61ccf5ccb1efbfd0ea222e4bce5/38a9dc2afe5214eef82c1b699637c9cd/6ce7d3c11b9d006aaf337266d8c26184?ytl=http%3A%2F%2Fspecialbrands.net%2F>
 http://specialbrands.net/

       
<https://app.yesware.com/tl/9c9e8bb890b2c61ccf5ccb1efbfd0ea222e4bce5/38a9dc2afe5214eef82c1b699637c9cd/c493f563f01c668f985e634b2db8e0df?ytl=http%3A%2F%2Ftwitter.com%2Fwebhat>
  
<https://app.yesware.com/tl/9c9e8bb890b2c61ccf5ccb1efbfd0ea222e4bce5/38a9dc2afe5214eef82c1b699637c9cd/b0e32a954ec9877f67acd5fd6c531f7d?ytl=http%3A%2F%2Fwww.facebook.com%2Fwebhat>
  
<https://app.yesware.com/tl/9c9e8bb890b2c61ccf5ccb1efbfd0ea222e4bce5/38a9dc2afe5214eef82c1b699637c9cd/033224e49209a040b330313384f6bb2a?ytl=http%3A%2F%2Fplancast.com%2Fwebhat>
  
<https://app.yesware.com/tl/9c9e8bb890b2c61ccf5ccb1efbfd0ea222e4bce5/38a9dc2afe5214eef82c1b699637c9cd/c712e98d962bc8a500bfae7452a6a666?ytl=http%3A%2F%2Fwww.linkedin.com%2Fin%2Fredhat>
 

 

  <https://app.yesware.com/t/9c9e8bb890b2c61ccf5ccb1efbfd0ea222e4bce5/38a9dc2afe5214eef82c1b699637c9cd/spacer.gif>   
<http://app.yesware.com/t/9c9e8bb890b2c61ccf5ccb1efbfd0ea222e4bce5/38a9dc2afe5214eef82c1b699637c9cd/spacer.gif>

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Encryption is less secure than we thought Daniël W . Crompton (Aug 16)
- Re: Encryption is less secure than we thought Valdis . Kletnieks (Aug 16)
- Re: Encryption is less secure than we thought Marc (Aug 16)