Encryption and risk
David Kramer
david-8uUts6sDVDvs2Lz0fTdYFQ at public.gmane.org
Tue Oct 6 10:41:32 EDT 2009
Dan Ritter wrote:
> Everyone seems to be ignoring the real brute force attack:
> rubber-hose cryptanalysis.
>
> If Eve and Mallory are well-funded and either have a state or a
> significant criminal group backing them, it might not matter
> that the algorithm is good, the key is hard and the
> implementation perfect. Torture and imprisonment, and sometimes
> the threats thereof, work all too well at obtaining immediately
> verifiable secrets.
In this case, OTP could actually be worse, because you need to have
ready access to the list of codes. And if you do, chances are they will
too after sufficient persuasion.
More information about the Discuss
mailing list