[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Elementary fact on cryptographic security
- To: email@example.com
- Subject: Elementary fact on cryptographic security
- From: masataka ohta <firstname.lastname@example.org>
- Date: Mon, 03 Nov 2003 17:34:33 +0900
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
A elementary fact on cryptographic security is that related parties
must be securely configured in advance with some information on keys.
Otherwise, a system is, as is exemplified by DH key exchange, subject
to MITM attack.
However, there are people trying to make something impossible possible
by complicated engineering.
Some of them ignore laws of thermodynamics and try to invent
complicated perpetual motion machines.
Others write complicated drafts with plain DNS to supply signatures
of insecure public keys to improve security ignoring the fact that
plain DNS is an easy victim of the MITM attack.
The next obvious step for them is autocnfiguration of secure DNS. :-)