Reply to post: Bank Vault locks - cardboard doors

We need to talk about mathematical backdoors in encryption algorithms


Bank Vault locks - cardboard doors

Perhaps the cryptographic equivalent of bank vault locks can be got through by the tiny elite likely to be in the know, but why would anyone bother most of the time ?

Those who hold such high value secrets (i.e. knowledge of algorithm weaknesses) where these exist will want to use them very infrequently and against only the highest value targets for fear of disclosure through honeypot techniques and well tuned intrusion detection systems. It's all basic spy craft - those with high value sources protect these as much as they can which means most who could usefully know are denied access, information gained from these sources has to be very carefully guarded and sanitised prior to declassification and use, and the more use that is made will increase the probability that this kind of source gets disclosed sooner rather than later.

Everything else will involve getting through the cardboard doors - the very many and various implementation weaknesses against which very few systems are likely to be properly protected. So I don't think I'll be rolling my own crypto or combining multiple forms of it or engaging in other obscurity exercises likely to fail when I'm not yet doing the thousand other things I'd have to do (including knowing all my chip technologies and binary device drivers and system software) to avoid the cardboard doors.

The targets I have to defend just aren't valuable enough for me to worry about algorithms no-one has yet discovered unsafe despite large prizes for effective attacks being on offer for those who try to discover these backdoors.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019