This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Cryptographic Design Vulnerabilities
September 1998 (vol. 31 no. 9)
pp. 29-33
Popular magazines often describe cryptography products in terms of algorithms and key lengths. These security techniques make good headlines ("Triple DES is much stronger than single DES."). Unfortunately, cryptography isn't so simple: Longer keys do not guarantee more security. Compare a cryptographic algorithm to the lock on your front door. Improving the lock probably won't make your house more secure. Burglars don't try every possible key (the equivalent of a brute-force attack); most aren't clever enough to pick the lock (the equivalent of a cryptographic attack). No, burglars smash windows, kick in doors, disguise themselves as police, and rob key-holders at gunpoint. Strong cryptography is very powerful when it is done right, but it is not a panacea. Building a secure cryptographic system is easy to do badly and very difficult to do well. Unfortunately, most people can't tell the difference. In this article, the author conveys some of the lessons learned in designing, analyzing, and breaking cryptographic systems.
Citation:
Bruce Schneier, "Cryptographic Design Vulnerabilities," Computer, vol. 31, no. 9, pp. 29-33, Sept. 1998, doi:10.1109/2.708447
Usage of this product signifies your acceptance of the Terms of Use.