Actually, no, you can apply "provably secure" to a protocol as well.
Granted, it is usually applied to cryptographic protocols, but that
is still a protocol, not a cryptosystem. Indeed, one could attempt
to apply "provably secre" techniques to protocols such as Kerberos,
or, in the case of the original post, secure multicast.
I'd still like to see the proof of security, but it's a perfectly
reasonable goal.
-derek
"James A. Donald" <[EMAIL PROTECTED]> writes:
> --
> James A. Donald:
> > > I do not understand what is meant by "provably secure"]
>
> At 09:57 AM 7/28/2000 -0400, Rich Salz wrote
> > An unfortunate admission for a would-be cryptographer.
>
> It should have been obvious from the context that you deleted that I was
> criticizing the use of the word to refer to protocol.
>
> Multicast is a protocol, not a cypher. It may well use provably secure
> cyphers, but that does not make multicast provably secure.
>
> "Provably secure" is a word applicable to cyphers, not protocols. To use
> it in reference to a protocol is nonsense gibberish.
>
> "Provably secure" means that breaking a cypher is as hard as cracking the
> underlying one way transformation", which is usually true, and not very
> interesting, since cypher weakness is separate from protocol
> weakness. Cyphers are almost always stronger than protocols, and protocols
> seldom attacked through their cyphers.
>
> When we discuss a protocol, we normally take for granted that the cyphers
> are strong, irrespective of whether they are provably secure or not.
>
> One can prove that cracking a cypher is as hard as cracking some well known
> mathematical problem.
>
> What, however, does it mean to say that a protocol is provably secure? A
> protocol is not a cypher, though it uses well known cyphers.
>
> For example the problem with Verisign is not any weakness in the cyphers,
> but a weakness in determining true names.
>
> --digsig
> James A. Donald
> 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
> f/wePiA4NUqV4TnDEAk3SMnTITqtbXlOE+0v1m/3
> 4r58BUE6S1/oWtoWDbs9VJxhGz07D0ZA1WMhIvFuB
>
>
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
[EMAIL PROTECTED] PGP key available
