
Re: [Design] Re: Wes Hardaker: opportunistic encryption deployment problems



Stephen Kent <kent@bbn.com> writes:

> I also recall that Steve Bellovin and I participated in a panel at 
> the National Computer Security Conference in the mid-90s, chaired by 
> Dorothy Denning, where the topic was "Will Encryption Thwart 
> Hackers." The panel was unanimous in agreeing that the answer was no, 
> for a variety of reasons that are still valid today.  I know of very 
> few folks in the (larger) Internet community who believe that the 
> principal threat is passive wiretapping of the Internet, vs. 
> unauthorized access to computing resources on organizational LANs. 
> Encryption of lots of Internet traffic, without accompanying 
> authentication and access control, does not address the latter 
> concern.

I think that 'universal encryption' and 'universal authentication' are
two different and separable problems.  Indeed, I think we've found
that universal authentication is a HARD problem, whereas 'universal
encryption' does not appear to be quite as hard (albeit with some
limited protections).

From where I sit, passive eavesdropping is a major issue.  Is it the
only issue, hell no.  However, just look at all the password-sniffing
attacks that have happened over the years.  An attacker somehow gets
into an account, sets up a sniffer, and then collects other passwords
for other break-ins.  If universal encryption had been deployed (even
unauthenticated DH), these sniffers would have been ineffective.

Would it have solved the authentication problems?  No, of course not.
But does that mean that encryption is useless by itself?  No, of
course not.  It would have solved a subset of the problems, and that
by itself is a worthwhile goal.

We cannot build a panacea.  No such beast exists, and looking for that
perfect solution will, in the end, cause us to have none.

> Steve

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available

