[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

In defense of paranoia in cryptography

   However, a successful cryptographer must be cautious at a level that would
   be judged paranoid in more civilized communities.  

A correct analysis of the risks and the costs of prevention and
non-prevention is not being paranoid.  To be overly cautious is,
almost by definition, not to be economical.  It should be noted,
however, that there is enormous risk in ignorance of the other risks,
and so effort made in order to understand the risks is well spent,
_even_ if one spends more on that than the savings stemming from that

   If you need cryptography, it's because you have enemies.  

This is dangerously false.  One uses crypto because one does not know
the nature of one's opponents now and in the future, with an emphasis
on the future.  This lack of knowledge includes an ignorance that
certain parties do not have your best interests at heart.  If you
think they do, you can always reveal the information.

Cryptography is primarily about how we get assurances of security.
Uncertainty has negative value all by itself.