#21
Old 09-11-2006, 11:23 PM
Non scrivetemi
Guest
 
Posts: n/a
Re: A Truecrypt Trick

Chris Lawrence wrote:

> On Mon, 11 Sep 2006, Non scrivetemi wrote:
>
> > > > None of those things use obscurity in any significant way to provide
> > > > security. Even your car key relies on provable mathematical formula and
> > > > the probability that a thief can't try all possible keys in any
> > > > practical span of time. Passwords and encryption (remailers) rely on
> > > > hard mathematics even more so than your auto's locks, and are
> > > > consequently even harder to "crack". Assuming passwords of sufficient
> > > > strength of course, which is a contradiction to passwords that are
> > > > merely obscure.
> > >
> > > The point is that the keys and passwords protect the car and the files.
> > > Obscurity protects the keys and the passwords.

> >
> > Obviously not. Keys and passwords aren't secure because they're
> > obscure, they're secure because they're made physically so.

>
> I'm not talking about security of keys and passwords, I'm talking about
> the security of the protection of keys and passwords. Car keys are
> quite intrinsically secure but you still have to hide them from
> strangers.


Yes. That's physical security, not obscurity. There's a difference.
Physical security is keeping possession of your keys and not letting a
car thief have them. Obscurity would be tossing them on the ground
somewhere near your car and hoping a thief doesn't recognize that
they're car keys.

> Ultimately the security of your vehicle comes down to how
> well you hide your keys (given that the ignition can't be defeated due
> to its intrinsic security). In other words the ignition is safe because
> the key system is strong. The key is safe because you don't know how to
> get it.


Actually that's not true at all. In most cases a car thief knows
exactly how to get your keys. They're not obscured at all, the thief
knows they're right there in your pocket. Or inside the house where
your car is parked, or at the mall where you're shopping.

>
> > > That's what he was
> > > saying. Ultimately your car and files are safe because you hide your
> > > keys and passwords from strangers.

> >
> > False. There's a huge difference between obscurity and physical
> > security.

>
> You need to make the separation between the intrinsic security of the
> key and the security in managing the key.


I've made that distinction from the beginning. You need to understand
the difference between physical security and obscurity.


> If I choose a strong password
> for a well protected service that is good, but it's only safe because a)
> you can't guess it, by definition and b) you can't access mine. And you


Exactly. It's both cryptographically secure and physically secure.
OTOH, if you rely on obscurity by writing your password on a sticky
note and keeping it under your keyboard your security is likely to fail.

> can't access mine because I hide it from you. Ultimately it comes down


You haven't hidden anything from me. I know exactly where that password
is, and how to get it. If it were worth my time to do so I'd be able
to plan and execute an "attack" on you and own your password. Obscurity
relies on dumb luck, not the fact that you might be bigger and
stronger than me, better armed, or the fact that your password just
isn't valuable enough for me to bother with you. Your physical
security matches the value of your password. If what you're protecting
is state secrets, you might even have an entire military at your
disposal. :)

> to something I know that you don't know. That's security through
> obscurity.
>
> Trouble is people chant the "security by obscurity never works" mantra


People don't chant that at all. It may indeed work on occasion. Blind
squirrels find nuts on occasion too, but that doesn't make blind
squirrels competent food gatherers. Even though they might find the
occasional nut, they're still likely to starve in the end.

> so blithely, seemingly trying to look good by association with their
> equally noisy peers.
>