[146989] in cryptography@c2.net mail archive
Re: [Cryptography] The One True Cipher Suite
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Tue Sep 10 18:50:56 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <55D4E31C-CDCB-4A87-9BDF-F9DC4F9FFFAC@lrw.com>
Date: Tue, 10 Sep 2013 18:20:41 -0400
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Jerry Leichter <leichter@lrw.com>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>,
ianG <iang@iang.org>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============2533515213736887875==
Content-Type: multipart/alternative; boundary=001a1132f26a463fcc04e60eeaab
--001a1132f26a463fcc04e60eeaab
Content-Type: text/plain; charset=ISO-8859-1
On Tue, Sep 10, 2013 at 7:42 AM, Jerry Leichter <leichter@lrw.com> wrote:
> On Sep 9, 2013, at 12:00 PM, Phillip Hallam-Baker wrote:
> > Steve Bellovin has made the same argument and I agree with it.
> Proliferation of cipher suites is not helpful.
> >
> > The point I make is that adding a strong cipher does not make you more
> secure. Only removing the option of using weak ciphers makes you more
> secure.
> I'm not so sure I agree. You have to consider the monoculture problem,
> combined with the threat you are defending against.
>
I really hate the monoculture argument. It misses the fact that evolution
of Internet applications and attack strategies is not according to
Darwinian evolution.
Diversity is only a successful strategy against Darwinian evolution. It
does not work against intelligent design and malware is a product of
intelligent design.
Whether it is better to put all your eggs in one basket or in many baskets
depends on the consequences of compromise.
If the loss of one egg is acceptable then many baskets is the way to go. If
on the other hand they are dragon eggs and the loss of just one is a
catastrophe then putting them all in one basket is the lowest risk strategy.
1. If everyone uses the same cipher, the attacker need only attack that
> one cipher.
> 2. If there are thousands of ciphers in use, the attacker needs to attack
> some large fraction of them.
>
But on the flip side the cost of developing ciphers is large and the
vulnerabilities introduced into a protocol through support for algorithm
negotiation are significant.
Moreover as Newt Gingrich discovered, it only takes one party to your
conversation to be using an old AMPS analog line for your conspiracy to be
revealed.
I would rather choose one algorithm and one additional strong algorithm as
a backup than have the hundreds of algorithms.
--
Website: http://hallambaker.com/
--001a1132f26a463fcc04e60eeaab
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Tue, Sep 10, 2013 at 7:42 AM, Jerry Leichter <span dir=3D"ltr">&=
lt;<a href=3D"mailto:leichter@lrw.com" target=3D"_blank">leichter@lrw.com</=
a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im">On Sep 9, 2013, at 12:00 P=
M, Phillip Hallam-Baker wrote:<br>
> Steve Bellovin has made the same argument and I agree with it. Prolife=
ration of cipher suites is not helpful.<br>
><br>
> The point I make is that adding a strong cipher does not make you more=
secure. Only removing the option of using weak ciphers makes you more secu=
re.<br>
</div>I'm not so sure I agree. =A0You have to consider the monoculture =
problem, combined with the threat you are defending against.<br></blockquot=
e><div><br></div><div>I really hate the monoculture argument. It misses the=
fact that evolution of Internet applications and attack strategies is not =
according to Darwinian evolution.</div>
<div><br></div><div>Diversity is only a successful strategy against Darwini=
an evolution. It does not work against intelligent design and malware is a =
product of intelligent design.</div><div><br></div><div><br></div><div>
Whether it is better to put all your eggs in one basket or in many baskets =
depends on the consequences of compromise.</div><div><br></div><div>If the =
loss of one egg is acceptable then many baskets is the way to go. If on the=
other hand they are dragon eggs and the loss of just one is a catastrophe =
then putting them all in one basket is the lowest risk strategy.</div>
<div><br></div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex=
;border-left:1px #ccc solid;padding-left:1ex">1. =A0If everyone uses the sa=
me cipher, the attacker need only attack that one cipher.<br>
2. =A0If there are thousands of ciphers in use, the attacker needs to attac=
k some large fraction of them.<br></blockquote><div><br></div><div>But on t=
he flip side the cost of developing ciphers is large and the vulnerabilitie=
s introduced into a protocol through support for algorithm negotiation are =
significant.=A0</div>
<div><br></div><div>Moreover as Newt Gingrich discovered, it only takes one=
party to your conversation to be using an old AMPS analog line for your co=
nspiracy to be revealed.</div><div><br></div><div><br></div><div>I would ra=
ther choose one algorithm and one additional strong algorithm as a backup t=
han have the hundreds of algorithms.</div>
</div><br clear=3D"all"><div><br></div>-- <br>Website: <a href=3D"http://ha=
llambaker.com/">http://hallambaker.com/</a><br>
</div></div>
--001a1132f26a463fcc04e60eeaab--
--===============2533515213736887875==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============2533515213736887875==--
