Security of crypto security measures



Hi,

How secure are the crypto security measures in practice today? In
everyday life, it is trivial that, if one puts treasures in a safe,
one has to consider how secure is the lock and even whether the
gangsters could carry the safe away. In matters closer to crypto,
UNIX, according to a revelation by one of its designers decades
after its launch, had a backdoor. And Windows have permanently to
be patched due to hacker attacks being detected. After all, it
is a general fact that the majority of all kinds of software are
not perfectly verified (if any formal verification were attempted
at all), so that there is almost always some non-negligible chance
of the existence of bugs that could be exploited. (The recently
reported case that the kernel of an OS was proved to be ok is a
very rare exception, I suppose.) In history of crypto, one knows
(or rather it is very plausibly believed by many) that a well-known
crypto machine manufacturer once enabled backdoor in its products
delivered to a certain country that was used for encryption of
diplomatic communications. Not very long time ago there was quite
some discussions in the media in Germany on the issue of whether
"online investigations" should be legalized, which, as far as I
understand, seem to mean the deployment of Trojans etc. on the
computers of the civilians by offcial agencies.

So how sure is a normal user of security software in the security
of his/her private communications in the current state of affairs?

Thanks.

M. K. Shen
.



Relevant Pages

  • Re: Security of crypto security measures
    ... How secure are the crypto security measures in practice today? ... gangsters could carry the safe away. ... So how sure is a normal user of security software in the security ...
    (sci.crypt)
  • Re: Are natural languages secure ciphers?
    ... > And that has been done, and in those cases the one-time pad was used ... Is it "complete security" if it works SOMETIMES ??? ... Thus in real life it's the least secure. ... A real world crypto system cannot just naively ...
    (sci.crypt)
  • Re: im tired, ill have another chocolate
    ... A system cannot be made more secure by increasing its complexity. ... Security is a corollary of correctness and cannot be tacked on. ... primitives should be exempt from the above rule. ... what then is the definition of "crypto primitive"? ...
    (sci.crypt)
  • Re: Somewhat OT, encryption question
    ... available *only on one computer* even if the passphrase is known. ... Since I do investigative work and litigation support involving violent deaths occurring in multiple countries, including evaluation of possible human rights abuses and assassinations, I have *boxes* of confidential material in a safe in my home. ... As you might expect, the information and imagery she brought back might be inflammatory, and until the final report is released, there are significant issues with data security. ... But the fact is that she can lose her working copies of stuff because the archival copies are in a secure place. ...
    (Fedora)
  • Re: Server security question
    ... > how to make sure its pretty safe? ... If you're wondering about how secure it will be, ... about security and what you are planning. ... A very good first step is reading the book 'Practical Firewalls'. ...
    (alt.os.linux.suse)