Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?
Crypto_at_S.M.S
Date: 08/26/05
- Next message: tomstdenis_at_gmail.com: "Re: Nocona [Intel 64-bit cpu timing]"
- Previous message: Crypto_at_S.M.S: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- In reply to: Joe Peschel: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Next in thread: tomstdenis_at_gmail.com: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Reply: tomstdenis_at_gmail.com: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Reply: Joe Peschel: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Reply: giorgio.tani: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Aug 2005 10:59:40 +1000
Joe Peschel wrote:
> " \"- Prof. Jonez©\"" <jonez@norcom.ca> wrote in
> news:fLlPe.20$nh6.4497@news.uswest.net:
>
>
>>What makes you think any attacker would have the source code
>>of any given encryption program to work with?
>>
>
>
> One always has to assume that the attacker knows everything about the
> encryption system, except the key. See Kerckhoffs' principle: "the security
> of a cryptosystem must depend only on the key," and Shannon's maxim: "the
> enemy knows the system."
>
> Schneier explained, in his May 2002 Cryptogram, why the principle is
> important.
>
> The reasoning behind Kerckhoffs' Principle is compelling.
> If the cryptographic algorithm must remain secret in
> order for the system to be secure, then the system is be
> less secure. The system is less secure, because security
> is affected if the algorithm falls into enemy hands.
> It's harder to set up different communications nets,
> because it would be necessary to change algorithms as
> well as keys. The resultant system is more fragile,
> simply because there are more secrets that need to be
> kept. In a well-designed system, only the key needs to
> be secret; in fact, everything else should be assumed to
> be public.
>
> J
>
Schneier's statement does not mention source code. It talks about
algorithms, and you already know the algorithms used by CryptoSMS.
That has been stated over&over. You know everything about these
algorithms (and the order in which they are applied), so the conditions
of Kerckhoffs' Principle have been met.
What in the above statements compels cryptosystem implementors to
provide attackers with the source code?
- Next message: tomstdenis_at_gmail.com: "Re: Nocona [Intel 64-bit cpu timing]"
- Previous message: Crypto_at_S.M.S: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- In reply to: Joe Peschel: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Next in thread: tomstdenis_at_gmail.com: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Reply: tomstdenis_at_gmail.com: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Reply: Joe Peschel: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Reply: giorgio.tani: "Re: My my, how time flies ...... it's been about "1 hour" -- anyone cracked CryptoSMS yet?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
