Re: The Pain of Cryptography

From: Anton Stiglic (stiglic_at_cs.mcgill.ca)
Date: 12/04/03 

Date: Wed, 3 Dec 2003 16:47:16 -0800

"Roger Schlafly" <rogersc@mindspring.com> wrote in message
news:LNrzb.2107$F17.348203096@twister1.starband.net...
> "Anton Stiglic" <stiglic@cs.mcgill.ca> wrote
> > Maybe David Wagner suffers from split personality! Note that his last
> > post appears to come from the domain taverner.cs.berkeley.edu,
>
> You are reading a lot into this. Obviously David was paid a fixed
> amount of money to spend a limited number of hours doing an
> analysis, and write a report. He chose to spend that time doing
> some standard attacks, and seeing if they work. There is nothing
> wrong with his report.

Of course I was just kidding. I agree that there is nothing wrong
with his report, except maybe the fact that he did not comment on
the unusual long key length.
In fact, even if the cipher got broken, I still find his report
instructive. It demonstrates a nice systematic approach to quickly
verifying the security of a stream cipher against basic known
attacks.

>Sometimes someone finds a clever attack that someone else overlooks.
>That's life in the crypto biz. If there is a lesson here, I'd say that
>companies should hire more than one cryptologist to do analyses.

That might help or it might not. I did not read the paper describing the
attack, but if the company hired several cryptologists working separately,
and all had limited time, they might all take the same approach as
David and not stumble upon the vulnerability. I think the lesson is that
you really need a long enough time period for the analysis, so that
cryptanalysts can think of uncommon ways to attack the cipher.

--Anton

Relevant Pages

  • Re: Pelosi & Reid Will Not Like Progress Cited in Iraq Quarterly Report
    ... This is from 4 pages, less than 10 percent, of the report. ... Reid has called General Petraeus a liar for saying progress had been made in Iraq, and more recently he has called Petraeus and outgoing chairman of the Joint Chiefs,Marine Gen. ... Assessment of the Security Environment— ... the frequency and intensity of attacks on the ...
    (soc.retirement)
  • Re: Pelosi & Reid Will Not Like Progress Cited in Iraq Quarterly Report
    ... This is from 4 pages, less than 10 percent, of the report. ... Reid has called General Petraeus a liar for saying progress had been made in Iraq, and more recently he has called Petraeus and outgoing chairman of the Joint Chiefs,Marine Gen. ... Assessment of the Security Environment— ... the frequency and intensity of attacks on the ...
    (soc.retirement)
  • Lord Gow we know its the Democrtas fault..
    ... the State Department said in its annual terrorism report. ... In Afghanistan, the number of attacks rose 16 percent, to 1,127 incidents ... Afghanistan and Iraq, where it says elements of the Iranian Revolutionary ... In Iraq, Afghanistan and elsewhere, al-Qaida and its affiliates remain "the ...
    (rec.sport.pro-wrestling)
  • Re: Deaths and injuries mount in McCain/Bush "surge" quagmire
    ... causing more work for readers to compare the report entries to the ... terrorists after an attack on their patrol by a rocket-propelled grenade at ... WTC bombing case; active in 9-11 cases, ... "Conservatives saw the savagery of 9-11 in the attacks and prepared ...
    (talk.politics.misc)
  • Re: Q&A for double standard liberals
    ... warning signs" of last week's attacks. ... Remember Sudan was in shock when Clinton turned them down. ... Reading it reads like a post 9/11 report, ... other nation to turn their back and support from Afghanistan), ...
    (alt.politics.bush)
Quantcast