1. On key storage: Theoretically, you are absolutely right, a strong passphrase is mathematically enough.
-
RE: https://mstdn.ca/@upofadown/116228633551820031
1. On key storage: Theoretically, you are absolutely right, a strong passphrase is mathematically enough. But as you mentioned, the human factor is the bottleneck. That's why defense in depth (like keeping the key offline or on a hardware token/smartcard) is still highly recommended. It bypasses the passphrase usability issue entirely.
2. OCB is about having stronger, mathematically proven guarantees against ciphertext malleability .
-
RE: https://mstdn.ca/@upofadown/116228633551820031
1. On key storage: Theoretically, you are absolutely right, a strong passphrase is mathematically enough. But as you mentioned, the human factor is the bottleneck. That's why defense in depth (like keeping the key offline or on a hardware token/smartcard) is still highly recommended. It bypasses the passphrase usability issue entirely.
2. OCB is about having stronger, mathematically proven guarantees against ciphertext malleability .
@virebent This recently posted talk about the limits of formal proofs seems weirdly relevant:
https://blahaj.zone/notes/ajys4e6q1n7x002g
Yes, I know that we are using OCB3 now...
-
R relay@relay.infosec.exchange shared this topicR relay@relay.mycrowd.ca shared this topic
