Re: CFP: PKI research workshop
sometimes the "principles" of security are referred to as PAIN or sometims PAIIN see http://www.garlic.com/~lynn/security.htm and click on PAIN & PAIIN in the acronym section of the glossary. Doing a threat model ... would include not only end-to-end issues but what aspects of PAIIN are being addressed. privacy, authentication, identification, integrity, non-repudiation (PAIIN) (see also authentication, identification, integrity, non-repudiation, privacy, security) an aspect of security can be integrity and and aspect of integrity can be dependability leading to things like: http://www.hdcc.cs.cmu.edu/may01/index.html which is then related back to my posting on sunday (with regard to integrity) http://www.garlic.com/~lynn/aadsm9.htm#cfppki10 CFP: PKI research workshop [EMAIL PROTECTED] on 12/31/2001 8:32 pm wrote: to which I would add: 3. Cryptography, and therefore PKI, is meaningless unless you first define a threat model. In all the messages with this Subject, I've only see one person even mention "threat model". Think about the varying threat models, and the type of cryptography one would propose to address them. Even the most common instance of encryption, encrypted web forms for hiding credit card numbers, suffers from addressing a limited threat model. There's a hell of a lot of known plaintext there. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: CFP: PKI research workshop
somewhat as an aside ... the requirement(s) given the X9A10 financial standards working group for the development of the X9.59 standard was * to preserve the integrity of the financial infrastructure for all retial electronic payments without the use of encryption "ALL" didn't just mean internet or just mean credit it met "ALL" ... all environments ... all types of transactions, etc. "Without the use of encryption" didn't mean that information hiding wasn't precluded (say for privacy reasons) but weren't required to preserve the integrity of the financial infrastructure (aka that complete clear-text could be made available and it wasn't possible to do a fraudulent transaction based on everybody in the world potentially having the cleartext of that payment transaction). Implied in the requirement was that it had to also be extremely lightweight in order to be applicable to some of the existing electronic payments environments. Again "ALL" met "ALL" ... including a large number of existing electronic environments. Frequently "from scratch" protocol definitions are faster to do if you don't have to take into account any existing infrastructure (and/or only addressing an extremely small subset of the total end-to-end problem).. To meet the requirements we eventually settled on a very lightweight, end-to-end authentication definition (strong authentication of every transaction had to flow completely through from the consumer all the way through to the consumer's financial infrastructure). x9.59 references: http://www.garlic.com/~lynn/index.html#x959 [EMAIL PROTECTED] on 12/31/2001 8:32 pm wrote: to which I would add: 3. Cryptography, and therefore PKI, is meaningless unless you first define a threat model. In all the messages with this Subject, I've only see one person even mention "threat model". Think about the varying threat models, and the type of cryptography one would propose to address them. Even the most common instance of encryption, encrypted web forms for hiding credit card numbers, suffers from addressing a limited threat model. There's a hell of a lot of known plaintext there. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: CFP: PKI research workshop
Andrew Odlyzko writes: > 1. Cryptography does not fit human life styles easily. > 2. Novel technologies take a long time to diffuse through society. to which I would add: 3. Cryptography, and therefore PKI, is meaningless unless you first define a threat model. In all the messages with this Subject, I've only see one person even mention "threat model". Think about the varying threat models, and the type of cryptography one would propose to address them. Even the most common instance of encryption, encrypted web forms for hiding credit card numbers, suffers from addressing a limited threat model. There's a hell of a lot of known plaintext there. -- -russ nelson <[EMAIL PROTECTED]> http://russnelson.com Crynwr sells support for free software | PGPok | If you argue with someone 521 Pleasant Valley Rd. | +1 315 268 1925 voice | who is not rational, he will Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | always win, in his own mind. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]