[3054] in cryptography@c2.net mail archive
practical encryption
daemon@ATHENA.MIT.EDU (Nelson Minar)
Thu Jul 23 10:27:23 1998
Date: Thu, 23 Jul 1998 09:43:58 -0400
From: nelson@media.mit.edu (Nelson Minar)
To: cryptography@c2.net
All this debate about the viability of DES strikes me as being related
to the flaw found recently in SSL implementations.
Both cases are examples of a serious problem in the cryptography. DES
can be brute-forced with access to some unusual, if not terribly
expensive hardware. SSL implementations can be broken with the use of
some unusual, if not terribly difficult communication. From an
intellectual or academic point of view, these systems should be fixed.
We should use longer keys, we should fix the interactive protocol. No
one on this list disagrees.
The problem is the face we put on these issues, the message that gets
out. The newspaper articles about the SSL weakness were terrible.
"Web security system is broken". The impression it gave readers who
don't understand crypto was that somehow using cryptography was *more*
insecure than not doing anything. I know that's irrational, but that's
the way the articles read. When people don't think about crypto, they
blissfully assume everything is secure. We need to teach people to
think about *using crypto* as much, or more than the technical details
of the crypto they're using. And all this press about good-but-not-great
systems can obscure that message.
I think the single most important use of crypto facing us now is
IPSEC. It gives the Internet authentication and encryption. We should
design the protocols to be strong, yes. We should raise hell about 40
bit limits, and develop the crypto in a free country so everyone has
access to the strong system. But we can't lose sight of the more
fundamental message, that we need the cryptography.
Or is this horribly naive?
