[Mac_crypto] Fwd: The Crypto Gardening Guide and Planting Tips

Vinnie Moscaritolo mac_crypto@vmeng.com
Wed, 5 Feb 2003 09:07:32 -0800

Next message: [Mac_crypto] Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

he also has some great other papers at http://www.cs.auckland.ac.nz/~pgut001/

>Date: Wed, 5 Feb 2003 17:08:17 +1300
>From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
>To: cryptography@wasabisystems.com, cypherpunks@lne.com
>Old-Subject: The Crypto Gardening Guide and Planting Tips
>X-Loop: cypherpunks@lne.com
>X-spam: 0
>Subject:  The Crypto Gardening Guide and Planting Tips
>Sender: owner-cypherpunks-moderated@minder.net
>
>After much procrastination I recently put the Crypto Gardening Guide and
>Planting Tips online at
>http://www.cs.auckland.ac.nz/~pgut001/pubs/crypto_guide.txt, this may be of
>interest to readers.  From the introduction:
>
>   There has been a great deal of difficulty experienced in getting research
>   performed by cryptographers in the last decade or so (beyond basic
>   algorithms such as SHA and AES) applied in practice.  The reason for this is
>   that cryptographers don't work on things that implementors need because it's
>   not cool, and implementors don't use what cryptographers design because it's
>   not useful or sufficiently aligned with real-world considerations to be
>   practical. As a result, security standards are being created with mechanisms
>   that have had little or no security analysis, often homebrew mechanisms or
>   the standards editor's pet scheme.  The problem is a lack of communication:
>   Cryptographers often don't seem aware of the real-world constraints that
>   their design will need to work within in order to be successfully deployed.
>   The intent of this document is to cover some of those real-world constraints
>   for cryptographers, to point out problems that their designs will run into
>   when attempts are made to deploy them.  Also included is a motivational list
>   of extremely uncool problems that implementors have been building ad-hoc
>   solutions for since no formal ones exist.
>
>Peter.


-- 

Vinnie Moscaritolo                                          ITCB-IMSH
PGP: 3F903472C3AF622D5D918D9BD8B100090B3EF042
-------------------------------------------------------

Next message: [Mac_crypto] Implementation of Chosen-Ciphertext Attacks against PGP and GnuPG
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]