[cryptography] preventing protocol failings

Sampo Syreeni decoy at iki.fi
Mon Jul 4 16:28:10 PDT 2011

(I'm not sure whether I should write anything anytime soon, because of Len 
Sassaman's untimely demise. He was an idol of sorts to me, as a guy who Got 
Things Done, while being of comparable age to me. But perhaps it's equally 
valid to carry on the ideas, as a sort of a nerd eulogy?)

Personally I've slowly come to believe that options within crypto
protocols are a *very* bad idea. Overall. I mean, it seems that pretty
much all of the effective, real-life security breaches over the past
decade have come from protocol failings, if not trivial password ones. Not
from anything that has to do with hard crypto per se.

So why don't we make our crypto protocols and encodings *very* simple, so 
as to resist protocol attacks? X.509 is a total mess already, as Peter 
Gutmann has already elaborated in the far past. Yet OpenPGP's packet format 
fares not much better; it might not have many cracks as of yet, but it 
still has a very convoluted packet structure, which makes it amenable to 
protocol attacks. Why not fix it into the simplest, upgradeable structure: 
a tag and a binary blob following it?

Not to mention those interactive protocols, which are even more difficult 
to model, analyze, attack, and then formally verify. In Len's and his 
spouse's formalistic vein, I'd very much like to simplify them into a level 
which is amenable to formal verification. Could we perhaps do it? I mean, 
that would not only lead to more easily attacked protocols, it would also 
lead to more security...and a eulogy to one of the new cypherpunks I most

Sampo Syreeni, aka decoy - decoy at iki.fi, http://decoy.iki.fi/front
+358-50-5756111, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2
cryptography mailing list
cryptography at randombit.net

----- End forwarded message -----
Eugen* Leitl leitl http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
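As an added illustration of the "tag and a binary blob following it" structure the post argues for (example code, not from the post or any of the projects it mentions): a strict encoder/decoder whose every rejection rule fits in a few lines, which is what makes such a format easy to audit. The 1-byte tag, 4-byte big-endian length, and the size cap are assumptions of this example.

```python
"""Added example: strict parser for a minimal tag + blob encoding.
Wire format (assumed for this example): 1-byte tag, 4-byte big-endian
length, then exactly that many blob bytes, items concatenated."""
import struct

HEADER = struct.Struct(">BI")
MAX_BLOB = 1 << 20  # assumed hard cap on a single blob; anything larger is refused


def encode(items):
    """items: list of (tag, bytes). Returns the concatenated encoding."""
    out = bytearray()
    for tag, blob in items:
        if not 0 <= tag <= 255 or len(blob) > MAX_BLOB:
            raise ValueError("tag or blob out of range")
        out += HEADER.pack(tag, len(blob)) + blob
    return bytes(out)


def decode(buf):
    """Strict decoder: every byte must belong to exactly one well-formed
    item. Returns a list of (tag, bytes); raises ValueError otherwise."""
    items, pos = [], 0
    while pos < len(buf):
        if len(buf) - pos < HEADER.size:
            raise ValueError("truncated header at offset %d" % pos)
        tag, length = HEADER.unpack_from(buf, pos)
        pos += HEADER.size
        if length > MAX_BLOB:
            raise ValueError("blob length %d exceeds cap" % length)
        if length > len(buf) - pos:  # header claims more bytes than remain
            raise ValueError("truncated blob for tag %d" % tag)
        items.append((tag, bytes(buf[pos:pos + length])))
        pos += length
    # The loop only exits with pos == len(buf), so trailing bytes are impossible.
    return items


def is_well_formed(buf):
    """Boolean wrapper: True only if decode() accepts every byte of buf."""
    try:
        decode(buf)
        return True
    except ValueError:
        return False


def known_items(buf, known_tags):
    """Upgradeability: keep items with tags this version understands,
    silently ignore the rest (after the whole buffer has been validated)."""
    return [(t, b) for t, b in decode(buf) if t in known_tags]
```

Unknown tags are kept out of the caller's way only after the entire buffer has passed the structural checks, so an unrecognised item can never hide a malformed one.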
