[messaging] Short Auth Strings

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Jan 31 23:07:01 PST 2014


On 01/31/2014 05:23 PM, Tony Arcieri wrote:
> On Fri, Jan 31, 2014 at 11:17 AM, Daniel Kahn Gillmor <dkg at fifthhorseman.net wrote:
>> Indeed, Wikipedia suggests that the NSA has built systems to attack this
>> problem 8 years ago
> 
> If your threat model includes Nation State Adversaries, I think all bets
> are off...

I think this it's a mistake to take this perspective in the long term.
Whether you believe we have any chance of defeating today's Nation State
Adversaries today or not, we have to assume that the capabilities of
today's Nation State Adversaries are the capabilities of next year's
large corporation and the capabilities of the year after next's criminal
gang or graduate student with a lab, and a few more years down the line
within reach of a sophisticated disgruntled employee or ultimately a
script kiddie.

When do we think the NSA was first able to break DES?  Who could break
DES a few years after that?  Who can break DES today?

We need to be considering and planning defenses against the most
powerful of today's adversaries if we want to have any hope of having
realistic defenses deployed against more pedestrian adversaries in the
not-too-distant future.

Does the challenge of tricking humans into hearing what they want to
hear really seem so unrealistic that we shouldn't take it seriously as a
possible failure mode for these cryptosystems?

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1010 bytes
Desc: OpenPGP digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20140201/94bdd291/attachment-0001.sig>


More information about the Messaging mailing list