[LUNI] collision news
maney at pobox.com
Fri Aug 27 07:07:30 CDT 2004
On Fri, Aug 27, 2004 at 01:31:44AM -0500, Matthew Landry wrote:
> In other words, no matter the strength or weakness of the
> underlying crypto, the break is immensely more likely to be either the
> implementor's fault or your fault than the cryptologist's fault. :)
Well, that's part of it. The crypto is rarely the weak link in the
chain - physical [in]security, root exploits, social engineering, et.
al. usually offer easier attacks than cracking the crypto. It's more
like the crypto is a bank vault grade door installed in a rickety shack
with windows and other doors that are secured by little but hope and
luck. Really shoddy "snake oil" crypto or bad implementations of good
crypto are among those doors and windows, but there are lots of others.
Hebb's dictum: If it isn't worth doing, it isn't worth doing well.
More information about the luni