The strength of a cryptographic system usually has less to do with its design than with the way people tend to use it. Humans are the weak link. Instead of changing keys or passwords at regular intervals, we use the same ones over and over, for weeks or months or years. We repeat the same words (such as “secret”) at the start of multiple messages, or repeat entire messages multiple times, giving codebreakers a foothold. We choose key phrases that are easy to guess: words related to where we live or work, our occupation, or to whatever project we’re working on at the moment. A couple of human
...more
