fouts@lemming. (Marty Fouts) (10/25/88)
Ten Years AGO.

Can't any of you hot researchers find me a more recent reference. (;-)

[ When you find a good reference, send them to me for posting. --DL ]

Look; where we are choosing to disagree is in how important the underlying assumptions are. Many of you have sent (or posted) comments which include "assuming . . ." Some of you have even pointed out some of the weaknesses in various assumptions.

I admit my exposition was rusty, allowing a lot of people the opportunity to flame the details. Sorry. Last time I spout off on a subject I'm rusty on without rereading the relevant work.

For example, take the posting to which I am currently replying. The author points out that RSA is well known to be invertible under certain circumstances and goes on to describe zero-knowledge authentication, including the assumption:

>> zero-knowledge authentication. The puzzles can be widely published; only
>> the solutions are kept secret (local to the appropriate server). By using

There is the assumption. Assuming that the solutions are kept secret zero-knowledge authentication. . .

All such systems rely on similar simplifying assumptions. As long as you can afford to make the assumptions you can build very powerful systems.

Further on, the author talks about an algorithm by Rabin and Karp which generates a fingerprint:

>> A fingerprint is a cryptographic checksum which
>> is unforgeable with high probability when the key (the irreducible
>> polynomial) is unknown (kept secret)

Bingo. Another assumption.

In all of these systems, there is an underlying assumption that something is kept secret, that the technique to do something is unknown or unknowable, or that physical security can not be breached. Time and again these assumptions are found false in real systems.

Finally, the author goes on to describe the use of quorum consensus, claiming "we can lower the probability of an intruder breaking our system arbitrarily."

This agrees with my original claim. I said systems couldn't be made absolutely secure, only reasonably secure. The author is quantifying the degree of security.

Marty
--
+-+-+-+     I don't know who I am, why should you?     +-+-+-+
|           fouts@lemming.nas.nasa.gov                       |
|           ...!ames!orville!fouts                           |
|           Never attribute to malice what can be            |
+-+-+-+     explained by incompetence.                 +-+-+-+
glassman@ames.arc.nasa.gov (Steven Glassman) (10/28/88)
In article <5256@saturn.ucsc.edu> fouts@lemming. (Marty Fouts) writes:
>
>Ten Years AGO.
>
>Can't any of you hot researchers find me a more recent reference. (;-)
>
>[ When you find a good reference, send them to me for posting. --DL ]
>
>Look; where we are choosing to disagree is in how important the
>underlying assumptions are. Many of you have sent (or posted)
>comments which include "assuming . . ." Some of you have even pointed
>out some of the weaknesses in various assumptions.
>
[some stuff about assumptions deleted]
>
>Marty
>

I have two half references (that might add up to one real reference).

First, there are the preliminary proceedings from the Arctic88 Advanced Course on Distributed Systems edited by Sape Mullender. (Unfortunately, I don't believe the final proceedings have been published yet). The section on cryptography (written by Roger Needham) presents some recent work (in the last year or so) by Burrows, Abadi and Needham. Needham mentions the work is published, but doesn't include a specific reference. (Burrows and Needham are from Cambridge and Abadi is from DEC SRC. It isn't a DEC report, so I suspect it must be a Cambridge report).

The work converts various authentication protocols into a system of statements about the initial beliefs (assumptions) and derives the beliefs after the protocol has run.

Steve Glassman
Olivetti Software Technology Laboratory
acornrc!glassman
scc@uunet.UU.NET (Stephen Crawley) (10/29/88)
The reference for the Burrows, Abadi, Needham paper that Steve Glassman mentioned is:

    "Authentication: a practical study in belief & action"
    M Burrows, M Abadi, R Needham.
    Technical Report #138.
    Cambridge University Computer Laboratory.
    June '88

An earlier version of the paper can be found in:

    Proceedings of the 2nd Conference on Theoretical Aspects of
    Reasoning About Knowledge.
    held at Asilomar in February '88

-- Steve