[147131] in cryptography@c2.net mail archive
Re: [Cryptography] Security is a total system problem (was Re:
daemon@ATHENA.MIT.EDU (John Kelsey)
Sat Sep 14 18:58:15 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20130913152353.71e849ff@jabberwock.cb.piermont.com>
From: John Kelsey <crypto.jmk@gmail.com>
Date: Sat, 14 Sep 2013 17:59:42 -0400
To: "Perry E. Metzger" <perry@piermont.com>
Cc: Eugen Leitl <eugen@leitl.org>,
"cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Sep 13, 2013, at 3:23 PM, "Perry E. Metzger" <perry@piermont.com> wrote:
> The problem these days is not that something like AES is not good
> enough for our purposes. The problem is that we too often build a
> reinforced steel door in a paper wall.
Also, if AES being insufficiently strong is our problem, we have a whole bunch of solutions easily at hand. Superencrypt successively with, say, Serpent, Twofish, CAST, Salsa, and Keccak in duplex mode. This has a performance cost, but it is orders of magnitude less overhead than switching to manual key distribution of one-time pads.
It's hard for me to think of a real world threat that is addressed better by a one-time pad than by something cheaper and less likely to get broken via human error or attacks on the key management mechanism.
> Perry E. Metzger perry@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
