[Ach] [cryptography] Better Crypto

[Pepi Zawodsky]

>>> The crypto is pretty much the last thing you need to worry about,
>>> since the attackers will ignore it and go for all the other weak points
>>> instead...
>> but perhaps a better disclaimer would be more like:
>> "WARNING: if your adversary can mount attacks against your RC4 and MD5
>> using protocols, hardening your cipher suite configuration will not
>> materially reduce your risk.*"
> The discussions on how to applied good crypto practices to real world servers is of course just one part of the whole hardening process.
I guess this assumes that one already is _directly_targeted_ by an adversary which does (at least I hope so) not apply to most people.

The benefit of hardening the crypto on endpoints (servers and client applications) is to protect the communication between said endpoints, not to protect the endpoints themselves. The resulting benefit, as I see it, is that now any three-letter-agency doesn't have an easy means of broadly sniffing tons of content by “simply tapping a fiber” but will have to attack hundreds/thousands of endpoints to aggregate the same amount of information.

This not only raises the cost of doing so dramatically, provided the crypto is good enough, but also raises the management overhead. In addition we might get a lot more chances of detecting these attacks which is nearly impossible when using plaintext and giving away all the data for free.

Just my 0.02 currency units.
Best regards
Pepi

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20140106/21fd3ab0/attachment.sig>