[147194] in cryptography@c2.net mail archive
Re: [Cryptography] paranoid cryptoplumbing is a probably not
daemon@ATHENA.MIT.EDU (Tony Arcieri)
Tue Sep 17 17:22:50 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20130917115449.421ebfab@jabberwock.cb.piermont.com>
From: Tony Arcieri <bascule@gmail.com>
Date: Tue, 17 Sep 2013 14:08:03 -0700
To: "Perry E. Metzger" <perry@piermont.com>
Cc: Crypto <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============8304187985997473598==
Content-Type: multipart/alternative; boundary=047d7b6d7db29cc24904e69ab82c
--047d7b6d7db29cc24904e69ab82c
Content-Type: text/plain; charset=ISO-8859-1
On Tue, Sep 17, 2013 at 8:54 AM, Perry E. Metzger <perry@piermont.com>wrote:
> I'd like to note quite strongly that (with certain exceptions like
> RC4) the odds of wholesale failures in ciphers seem rather small
> compared to the odds of systems problems like bad random number
> generators, sabotaged accelerator hardware, stolen keys, etc., and a
> smart attacker goes for the points of weakness.
As a counterpoint to what I was saying earlier, here's a tool that's likely
focusing on the wrong problems:
https://keybase.io/triplesec/
--
Tony Arcieri
--047d7b6d7db29cc24904e69ab82c
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">On Tue, Sep 17, 2013 at 8:54 AM, Perry E. Metzger <span di=
r=3D"ltr"><<a href=3D"mailto:perry@piermont.com" target=3D"_blank">perry=
@piermont.com</a>></span> wrote:<br><div class=3D"gmail_extra"><div clas=
s=3D"gmail_quote">
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex">I'd like to note quite strongly that (with certain exc=
eptions like<br>
RC4) the odds of wholesale failures in ciphers seem rather small<br>
compared to the odds of systems problems like bad random number<br>
generators, sabotaged accelerator hardware, stolen keys, etc., and a<br>
smart attacker goes for the points of weakness.</blockquote><div><br></div>=
<div>As a counterpoint to what I was saying earlier, here's a tool that=
's likely focusing on the wrong problems:</div><div><br></div><div>
<a href=3D"https://keybase.io/triplesec/">https://keybase.io/triplesec/</a>=
=A0</div></div><div><br></div>-- <br>Tony Arcieri<br>
</div></div>
--047d7b6d7db29cc24904e69ab82c--
--===============8304187985997473598==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============8304187985997473598==--