[148216] in cryptography@c2.net mail archive
Re: [Cryptography] Moving forward on improving HTTP's security
daemon@ATHENA.MIT.EDU (James A. Donald)
Fri Nov 22 22:37:42 2013
X-Original-To: cryptography@metzdowd.com
Date: Sat, 23 Nov 2013 13:07:07 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <528F1CC8.60107@iang.org>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 2013-11-22 18:58, ianG wrote:
> To a large extent is all comes back to WYTM? or what's your threat model?
>
> I'm assuming here, today, we are adding the NSA's mass surveillance into
> the equation as a valid and important threat model. That's an
> assumption that can be challenged...
>
> If NSA mass surveillance is our threat model (addition), then the
> solution to that is probably mass opportunistic encryption, to force
> them to go active.
Because powerful organizations wish to observe without being observed, a
moderate chance of detection of active attacks is sufficient to deter,
sufficient to reduce the number of active attacks to very low levels
The more powerful the adversary, and the less powerful you, the more
valuable information about the adversary, and the less valuable
information about you, therefore, the less attractive active attacks
that suffer some risk of detection.
The more powerful the adversary, the less attractive active attacks are
to that adversary.
Any organization powerful enough to perform active attacks on the wire,
is apt to be powerful enough that observation of its attacks provides
information about the organization that likely is of more value than the
information obtained by the attack.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography