[2366] in cryptography@c2.net mail archive
Good Point (Weak Crypto and Y2K)
daemon@ATHENA.MIT.EDU (Ernest Hua)
Wed Mar 25 15:04:23 1998
From: Ernest Hua <Hua@teralogic-inc.com>
To: "'Cindy Cohn'" <Cindy@mcglashan.com>, "'John Gilmore'" <gnu@toad.com>
Cc: "'cryptography@c2.net'" <cryptography@c2.net>,
"'Arnold G. Reinhold'"
<reinhold@world.std.com>
Date: Wed, 25 Mar 1998 09:45:50 -0800
Cindy and John,
I think Arnold is using a very good illustration below of the pitfalls
of designing only for the needs of today.
While this is not necessarily the much more serious 1st Amendment
concerns, it is something much more tangible to the public.
I would vote for bringing Y2K up as an example of why compromises in
security for the sake of spook agencies could be a very bad thing 10 or
20 years down the road.
Ern
-----Original Message-----
From: Arnold G. Reinhold [SMTP:reinhold@world.std.com]
Sent: Wednesday, March 25, 1998 5:36 AM
To: Nathan Spande; 'perry@piermont.com'
Cc: 'cryptography@c2.net'
Subject: Weak Crypto and Y2K
At 4:29 PM -0600 3/23/98, Nathan Spande wrote:
>>
> I have a recollection of reading that there have been no
reports
>of credit-card fraud through a straight 40-bit SSL link.
Probably from
>amazon.com, but I would believe that it wasn't true. Anyway, I
guess
>the point is that even weak crypto is likely to cut down on
most of
>this, given the significantly more difficult nature of
decrypting an SSL
>session to get a single card number. Granted, once a tool for
doing
>this becomes available, rates would rise. But we know two
things about
>most criminals: stupid and lazy. Once it becomes difficult to
slurp
>credit card numbers off the net, they are going to move on to
easier
>targets. Even 56 bits makes it so much more difficult to get
individual
>numbers that they are going to attack the storage mechanism.
That is
>where the real difficulty has come in: keeping the databases
safe. That
>isn't so much about cryptography as it is about good security
>administrators and system administrators. Granted: good strong
crypto
>has a place in every authentication system.
>
I think there is a parallel between designing electronic
commerce
infrastructure today that use weak cryptography (i.e. 40 or 56
bit keys)
and, say, designing air traffic control systems in the '60s
using two
digit year fields. You know it will work well enough for now,
but that it
will certainly be a problem in the future. Yes, there are other
weak points
that will have to be addressed, but that is no excuse for
employing
crippled technologies. Just because you can retire before it
all blows up
doesn't make it any less irresponsible.
Arnold Reinhold
Got crypto? http://ciphersaber.gurus.com
