A proper law

Thu, 6 Mar 2003 16:10:10 -0000

From: "David Hansen" <davidh@spidacom.co.uk>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Thursday, March 06, 2003 2:50 PM
Subject: Re: A proper law

> On 6 Mar 2003 at 14:12, Brian Gladman wrote:
>
> > I could write a book on why some rotor machines failed while others
> > remain strong even today.
>
> I'm sure this group is a good place to give people some hints. It
> would make a change from RIP.

I wasn't thinking of anything very sophisticated - just the varous things
that were exploited in breaking the codes.  The most spectaculer own goal
was the reflection of the signal back through the rotor system. This was a
classic, since repeated many times, in which a step that seems to improve
security has exactly the opposite effect (a sin I have commited myself more
than once).

> > But the main lesson I draw from this period is that it is very easy to
> > take a strong cryptographic algorithm and then undermine its strength
> > by using it in the wrong way.
>
> This seems to be true today from the handful of war stories we are
> fed.
>
> > Dorothy has shifted back and forth on this over the last 10 years.  I
> > was not aware that she now says that GAK is not important - do you
> > have a specific reference for her current position on this?
>
> http://www.cs.georgetown.edu/~denning/crypto/anarchy-aft.html seems
> to be her current view. This refers to the much quoted
> http://www.cs.georgetown.edu/~denning/crypto/Future.html, which she
> says (in http://www.cs.georgetown.edu/~denning/publications.html)
> "does not reflect my current thinking". I assume the publications
> page is up to date, but I haven't read all of them.

Thanks for this David - I wondered whether Dorothy had done anything since
the mid/late 1990s but it seems that this is no longer a big issue in the
US.

   Brian