A Few Thoughts on Cryptographic Engineering

Some random thoughts about crypto. Notes from a course I teach. Pictures of my dachshunds.

Matthew Green in noodling October 2, 2011August 30, 2016 49 Words

On the heels of the BEAST exploit on TLS 1.0, I’ve prepared a helpful flowchart to assist future standards committees. You can click to enlarge.

Update: I felt bad that this post was a little snarky, so I’ve written another post in which I try to provide some constructive advice.

gdrl says:

October 2, 2011 at 3:10 pm

Haha… “I offered $50 on my website. No takers.”

Regarding using your own bad cipher to encrypt your own bad stuff, have you seen this? http://it.slashdot.org/story/11/04/01/0017214/Convicted-Terrorist-Relied-On-Single-Letter-Cipher
Matthew Green says:

October 2, 2011 at 8:03 pm

Ha, I hadn't seen that particular one, but it's par for the course. I have a friend who did a stint at the FBI in a group tasked with breaking the awful ciphers that gangsters and terrorists like to use. It sounded like fun.

That article has me totally interested in the Mujahideen Secrets 2 program that he /didn't/ use. Unfortunately the brief Googling I just did will probably get me on a terrorist watch list…

Comments are closed.