Adi Shamir’s three laws of security

Computerworld informs about the on-line availability of the lectures given by Rivest, Shamir and Adleman when they received the 2002 ACM Turing Award.

I want to highlight Shamir’s three laws of security:

Absolutely secure systems do not exist
To halve your vulnerability, you have to double your expenditure
Cryptography is typically bypassed, not penetrated

The first two points show the importance of effective risk assessment while the third one emphasizes the fact that implementation flaws (opposed to algorithm design flaws) are usually the reason why systems using cryptography are subject to security breaches.

About this entry

You’re currently reading “Adi Shamir’s three laws of security,” an entry on Reality tunnels

Published:: 11.05.04 / 1am

Category:: security

No comments

Jump to comment form | comments rss [?] | trackback uri [?]

Have your say

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

About me

Homepage: superadditive.com

Tumblelog: jmbr.superadditive.com

Contact: drop me a line

Reality tunnels

Adi Shamir’s three laws of security

About this entry

No comments

Have your say

About me

Tags

Recent Posts

Archives

Recent Comments

Blogroll