ewx | Colorful Security Question

You're viewing

ewx's journal
Create a Dreamwidth Account Learn More

Reload page in style: site light

ewx

https://en.wikipedia.org/wiki/Red/black_concept describes a notation sometimes used when discussing confidentiality:

red denotes signals carrying secret plaintext;
black denotes signals carrying ciphertext.

Is there any generally agreed coloring for the analogous integrity question? i.e.:

a color which denotes signals where integrity matters (or maybe this is "all of them" and we don't need a specific choice of color); and
a color which indicates a signal with cryptographic integrity protection of some kind.

Non-color visual notations also welcome for several reasons:

things still get printed in monochrome;
color vision is not uniform among humans;
using too many color notations at once leads to angry fruit salad rather than clear diagrams.

Flat | Top-Level Comments Only

From:

ewx.livejournal.com

It's a good point; trying to represent it on a detailed protocol diagram would be tricky, I think a spatial indication (e.g. a line extending from the signature to a box containing the kx messages) would be more appropriate there. Perhaps having it 'fade out' as it went back in time would be a good way to indicate that it was retroactive.

But, for my immediate purposes, I'm representing things at least one abstraction level up from that, if not two - my diagram doesn't even state exactly what protocol is in use (the surrounding text does and in fact it's also a fixed part of the context, because this is really a small improvement to a long-established system).

In the confidentiality case it suffices to draw red lines inside a box and black lines between boxes; I'm just looking for an analogous way of indicating that there are some worthwhile integrity protection properties too, ideally something that I can do easily in Gliffy l-)