Paul Ferguson wrote:
| At 12:05 AM 9/17/97 +0100, Antonomasia wrote:
| >Bruce Schneier has a PostScript presentation (55 pages) on
| >www.counterpane.com from the "Beyond HOPE" meeting in New York last month.
| >It's big on the limitations of crypto, and even hyperbolates:
| > "If you think cryptography can solve your problem, then you don't
| > understand your problem and you don't understand cryptography."
For the record, this was Roger Neeman Bruce was quoting. (Of
| Perhaps not all of them, but it makes about 95% of them disappear
| for me to secure my network, speaking as someone who has built
| just a few networks, and also speaking as someone who has been both
| network admin and security flunky in previous lives.
I disagree. It gets rid of some of them, but not 95%.
The first issue is that Cryptography is HARD. Even good
people make mistakes in their systems. Even really good people make
mistakes in their systems.
The next issue is that going from a cryptographically strong
design to software is hard. (There is a good paper in the Crypto '97
proceedings, titled 'The design of a random oracle' on a shift that
people have been making in implementations for years. There is a
concept called an oracle, and oracles and hash functions share many
properties. So people had been dropping in hash functions where
oracles were called for. This was not in line with the design, and
led to weaknesses, but the oracle was introduced as a useful tool in
thinking about protocols, then used to design protocols, then hash
functions were used to implement them. Spot the disconnect?)
The next issue (once we have good crypto protocols and they
are well implemented) is that cryptography does address host
spoofing, but it doesn't prevent me from snarfing (NOT sniffing) your
password, exploiting your .shosts, playing with your NFS volumes, etc.
How do I snarf a password for machine X? Break into Y, from where
I've seen people login to X. (Traffic analysis) Get root on Y. Snoop
on the TTY instead of the net. Or shoulder surf. Install a trojan
SSH binary. Install a trojan shell that logs everything you type to
So, cryptography improves things. But don't think that it
makes your security concerns go away.
| >Any specifics in mind when you say "full steam ahead" ?
| >(Authenticated DNS can't come too soon.)
Authenticated DNS is great, but what happens when I pull a
buffer overflow on the BIND code on which your authenticated DNS is
built? Will you get authenticated DNS and trust that it's good? What
if a malicious person controls the DNS server at the far end? (This
is different because it continues to apply even when BIND is replaced
with a small, secure DNS server.)
"It is seldom that liberty of any kind is lost all at once."