Encryption and risk
Dan Ritter
dsr-mzpnVDyJpH4k7aNtvndDlA at public.gmane.org
Tue Oct 6 10:49:57 EDT 2009
On Tue, Oct 06, 2009 at 10:41:32AM -0400, David Kramer wrote:
> > implementation perfect. Torture and imprisonment, and sometimes
> > the threats thereof, work all too well at obtaining immediately
> > verifiable secrets.
>
> In this case, OTP could actually be worse, because you need to have
> ready access to the list of codes. And if you do, chances are they will
> too after sufficient persuasion.
Right.
Step one should always be "Figure out your threat model."
Step two: "How much is it worth to you to keep this secret?"
-dsr-
--
http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference.
You can't defend freedom by getting rid of it.
More information about the Discuss
mailing list