On 18/01/2019 02.18, Lew Wolfgang wrote:
On 1/17/19 4:31 PM, Carlos E. R. wrote:
On 17/01/2019 22.32, Lew Wolfgang wrote:
On 1/17/19 1:17 PM, Carlos E. R. wrote:
No. I'm saying that the term "security through obscurity" does not refer to having to guess the key or password. It refers to hiding the lock mechanism, to keeping the encryption method secret - because the instant it is known, the lock can be opened without knowing or guessing the password.. The "lock mechanism" of ssh is known, can it be opened without knowing or guessing the password? No
But you said that once the encryption method (not the key) is known the lock can be opened. SSH's encryption methods are open-source, they are known.
Exactly. And even knowing the method in detail, you still need the key to open it, so it is not "security through obscurity"
The mechanism of a doorknob lock is known, the one good key is obfuscated by hiding it among all the keys that won't work. Security through obscurity! No, that is not obfuscation.
I have 2000 different keys. One of those keys work in my door lock. To keep Per from sneaking in and drinking all of my beer, I put all 2000 keys in a bag and hang it on the front door. The one good key is hidden among 1999 other ones. It's obscured, isn't it? If not, what is it?
This is a bit contrived, people don't put a bag of keys by the door. If you do that, you are changing the premises. Still, I don't think that is obfuscation; it would be similar to posting a list of passwords with one correct. Even so, the key lock system is not using obfuscation, just a small set of possible password combinations. However. Keylocks. Someone, somewhere, at some prison, used the inmates to assemble some brand door locks. The inmates got thus intimate knowledge of how the lock worked, and designed a system to break it. Soon all the thieves in the country knew how to open those locks easily. That is security through obscurity, and it was found out :-p Compared to analysts finding a debility in some encryption software allowing to break the codes easily. -- Cheers / Saludos, Carlos E. R. (from 15.0 x86_64 at Telcontar)