-
Read more...
“So the threat to cryptography is well understood due to work by Peter Shor and others. A symmetric algorithm like AES or others standard crypto processes is cut (of) key-size in half, which is a dramatic reduction. ... For key management purposes, against the RSA and the Diffie-Hellman and stuff, they flat-line under a quantum computer.”
Brian Snow, Former Technical Director of the US National Security Agency (NSA), Public Key Cryptography 30th Anniversary Conference, Dec 2006
-
"History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did."Read more...
Bruce Schneier, "Why Cryptography Is Harder Than It Looks", 1997 -
Read more...
“Consider the use of smart cards ... for especially critical functions. Although more costly than software, when properly implemented the assurance gain is great. The form-factor is not as important as the existence of an isolated processor and address space for assured operations – an ‘Island of Security,’ if you will. Such devices can communicate with each other through secure protocols and provide a web of security connecting secure nodes located across a sea of insecurity in the global net.”
Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need assurance!", 1999-2008
Resources Expert Opinions Information assurance quote: SecurIST, Need for assurance over system lifetime
| quote: SecurIST, Need for assurance over system lifetime |
|