Saturday, September 3, 2011

Encryption: it's the protocols that often go wrong

Bruche Schneier has an interesting summary of the recent diplomatic cable disclosure due to (a) the encrypted file being (surreptitiously but) publicly available, and (b) the decruption key being publicly disclosed on a separate occasion. It's a good example of how what can often go wrong with cryptography is not the core technology or algorithm itself, but a failure in handling associated protocols (be it technical or social).

No comments: