Boring is also a desirable property of cryptography.
Boring cryptography is obviously secure.
The guiding principle for whether something is boring or not is the Principle of Least Astonishment. If I can, say, send you a ciphertext that was encrypted with an authenticated mode, and then decrypt it to two valid plaintexts using two different keys, this is astonishing even if the impact of it is negligible.
Boring cryptography is obviously secure.
The guiding principle for whether something is boring or not is the Principle of Least Astonishment. If I can, say, send you a ciphertext that was encrypted with an authenticated mode, and then decrypt it to two valid plaintexts using two different keys, this is astonishing even if the impact of it is negligible.