Colorful Security Question

Feb. 23rd, 2016 02:35 pm
ewx: (penguin)
[personal profile] ewx

https://en.wikipedia.org/wiki/Red/black_concept describes a notation sometimes used when discussing confidentiality:

  • red denotes signals carrying secret plaintext;
  • black denotes signals carrying ciphertext.

Is there any generally agreed coloring for the analogous integrity question? i.e.:

  • a color which denotes signals where integrity matters (or maybe this is "all of them" and we don't need a specific choice of color); and
  • a color which indicates a signal with cryptographic integrity protection of some kind.

Non-color visual notations also welcome for several reasons:

  1. things still get printed in monochrome;
  2. color vision is not uniform among humans;
  3. using too many color notations at once leads to angry fruit salad rather than clear diagrams.

Tags:
Flat | Top-Level Comments Only

Integrity

Date: 2016-02-23 08:55 pm (UTC)
From: [identity profile] martinbonner.livejournal.com
Once a signal has cryptographic integrity protection, you don't have to worry about an attacker manipulating the message (just as, once a signal is encrypted, you don't have to worry about the attacker reading it).

Signals that aren't protected like that, have to be protected in other ways (like keeping them inside a potted module).

Once you have that distinction, it is useful to be able to show them graphically.

Of course, manipulating a signal requires a more powerful attacker than reading it (it's the difference between Schneier's "Mallory" and "Eve" figures).
Flat | Top-Level Comments Only

Profile

ewx: (Default)
Richard Kettlewell
https://www.greenend.org.uk/rjk/

February 2025

S M T W T F S
      1
2345678
9101112131415
16171819202122
232425262728 

Most Popular Tags

Active Entries

Expand Cut Tags

No cut tags
Top of page