

The Cryptographic Doom Principle - Rexxar
http://www.thoughtcrime.org/blog/the-cryptographic-doom-principle/?

======
KerrickStaley
This is from 2011. Still a really good (and short) read :)

The URL from this submission ends with /?, so HN wasn't able to dedupe it from
the earlier submission:
[https://news.ycombinator.com/item?id=6153834](https://news.ycombinator.com/item?id=6153834)

------
diafygi
What does OpenPGP do? If you have the MAC in plaintext, wouldn't anyone be
able to determine who encrypted the message?

~~~
maxerickson
It calls it a modification detection code, but it does "Authenticate Then
Encrypt":

[https://tools.ietf.org/html/rfc4880#section-5.13](https://tools.ietf.org/html/rfc4880#section-5.13)

It also does digital signatures (but those are different than a MAC, they
verify the identity of the sender).

The MAC takes a shared secret as input, so it should only reveal anything to
parties that possess that secret.

------
sarciszewski
I've always enjoyed Moxie's blog posts. This one is probably my favorite.

AEAD, EtM, or bust.

------
yuhong
I wonder if AtE with MD5 with secret prefix as MAC can be exploited, as in say
SSLv2.

------
revelation
Or don't bother with this and generate random tokens, which should cover about
99 percent of cases where a clueless developer would run into the problems
here. Leave the cryptography to those that actually know they need
cryptography.

~~~
ambrop7
You sound like a web developer who thinks that 99% of cryptographic problems
have to do with a web application discriminating between sessions. (I'm just
guessing about the context of your comment since you didn't provide any.)

------
krazydad
For the other clueless readers:

MAC:
[http://en.wikipedia.org/wiki/Message_authentication_code](http://en.wikipedia.org/wiki/Message_authentication_code)

[Please spell out your acronyms the first time, nerds]

~~~
brownbat
To be fair, the first use was a link to the wikipedia article, the style just
doesn't give you any indication of that.

If I recall, underlining links led to heated debates in some circles, but it's
really, really nice to have some visual signal to set off links for readers.
If it wasn't obvious why already, this is a great case.

~~~
akjsdfh
> To be fair, the first use was a link to the wikipedia article, the style
> just doesn't give you any indication of that.

Huh? it's a different color.

~~~
brownbat
Huh, yeah, they are two different shades of gray. Completely missed that, so
I'm still for more contrast in links. I guess if I'm forced to rate Moxie
Marlinspike on presentation, maybe he gets docked a point.

It all feels a bit like rating chef Jonathan Benno on shoelace cleanliness
though.

