Marc Branchaud wrote: > > This analogy doesn't quite hold. > > Copy protection need only be broken once for the protection to be disabled > for a particular piece of work. Also, once the scheme is known for one piece > of work, it is extremely easy to break the scheme for other pieces, and in > particular to write an application that will do so. > > With crypto's bar-raising, OTOH, breaking one instance, like an SSL stream or > an AES key, does not break all other uses of SSL or AES. In particular, SSL > & AES will provide the same degree of protection for any other communication > of the same data between the same or other parties. Also, good crypto > schemes are already widely known and designed explicitly so that knowledge of > the scheme does not break the scheme.
Although I agree with the general point, I should just mention that if an SSL break is a break of a private key, then future communications between the broken party and others may be compromised. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]