Slide 10 of 23
Notes:
The principle that “all secrecy should reside in the key” is Kerckhoffs’s Maxim.
The best way to decide among the tradeoffs is by understanding the threats. More on this later.
When keeping something secret, assign a value to what is being protected, and protect the key “that much”. As the thing gets more valuable, use a better key. DES encryption is probably fine for most of our love letters (perhaps not Bill Clinton’s though).
Then again, stronger keys don’t cost much (except to manage them, or export them).
When keeping something secret, assign a cost to losing it… then make sure you put that amount of effort into remembering the key. Corporate key recovery really does make some sense.