I'm going through my journal and pulling out some interesting bits. Here's some dialogue on computer security that I don't remember ever putting into a story, into a character's mouth:
"Kerckhoff's principle is that the security of your system must never rely on the secrecy of the algorithm but only on the secrecy of the key. The key is the one piece of data that must be protected and you should go in with the expectation that everything else, your encrypted data, your algorithm, your tools for producing the data are known to your enemies. I have seen it a hundred times, a company produces some allegedly secure system only to have it dismantled, exposed and compromised by a diligent hacker--because they did not heed Kerckhoff, they didn't understand his principle. People are fallible, and even great geniuses make a mistake now and then--probably more than that. Systems that rely on the secrecy of the algorithm are typically not created by great geniuses. Systems that rely on the secrecy of the algorithm may contain a simple, easily overlooked mistake, and rendered weak by it, to the point where recovering the key doesn't matter anymore because there will be easier ways to decipher the data. Security is a chain and it is the weakest link that will get most of the attention. Much of security analysis methodology is centered on looking for weak links in the system."
I can see why. As far as dialogue quality goes, try to avoid "methodology"--it's a suspense killer.
Recent Comments