Rocksolid Light

Welcome to Rocksolid Light

mail  files  register  newsreader  groups  login

Message-ID:  

You are false data.

devel / sci.crypt / Re: SCOS - sci.crypt open secret scheme is security through obscurity

SubjectAuthor
o SCOS - sci.crypt open secret scheme is security through obscurityRichard Heathfield

1
Re: SCOS - sci.crypt open secret scheme is security through obscurity

<ufn428$13k8a$1@dont-email.me>

  copy mid

http://rslight.i2p/devel/article-flat.php?id=277&group=sci.crypt#277

  copy link   Newsgroups: sci.crypt
Path: i2pn2.org!i2pn.org!eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: rjh@cpax.org.uk (Richard Heathfield)
Newsgroups: sci.crypt
Subject: Re: SCOS - sci.crypt open secret scheme is security through obscurity
Date: Thu, 5 Oct 2023 20:50:31 +0100
Organization: Fix this later
Lines: 35
Message-ID: <ufn428$13k8a$1@dont-email.me>
References: <u63qfu$9ors$1@paganini.bofh.team>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Thu, 5 Oct 2023 19:50:32 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="506be2eade760bd1b14b99d63f6021d4";
logging-data="1167626"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+XZ14pigcYAZAjdUBqZE179yOrK76jpZfFMSQ3ZZYWdw=="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:/IqXsAqPgaJSSYSqGOythtT07B4=
Content-Language: en-GB
In-Reply-To: <u63qfu$9ors$1@paganini.bofh.team>
 by: Richard Heathfield - Thu, 5 Oct 2023 19:50 UTC

On 11/06/2023 7:47 am, Principal Kerckhoff wrote:
> The sci.crypt open secret is an exercise in security through obscurity.

No, it's an exercise in demonstrating the weakness of security
through obscurity.

> By keeping the algorithm and source code secret the schemers are
> engaging in security through obscurity.

The source code has been published. To gain access to it you need
only crack the very light encryption in which it's wrapped.
Enough people have done this independently to prove that it can
certainly be done.

> Then by complaining about revelations of the secrets of the algorithm
> they prove a scheme of security through obscurity.

Telling people the algorithm is like telling them the answer to 1
Across. It stops people from achieving the satisfaction of
working it out for themselves.

>
> The schemers have a beef with revelations of the algorithm when the beef
> should be against the practice of security via obscurity.

By the same argument, newspapers should print crosswords with the
answers already inked in. Perish the thought that someone might
enjoy solving a challenge!

--
Richard Heathfield
Email: rjh at cpax dot org dot uk
"Usenet is a strange place" - dmr 29 July 1999
Sig line 4 vacant - apply within

devel / sci.crypt / Re: SCOS - sci.crypt open secret scheme is security through obscurity

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor