I got the link from an interview here: http://threatpost.com/en_us/blogs/crypto-legend-ron-rivest-working-replacement-broken-ssl-system-092811

]]>As derived from nuclear deterrence, working with game theory on military strategies is an interesting approach. However, I do believe that while for nuclear warfare it was quite doable, it will be pretty difficult to do with cyber warfare - if considering it within a mathematical framework.

]]>"In 1928 von Neumann published his seminal article, "Theory of Parlor Games," in which he discussed bluffing in poker, addressed the economic and military applications of game theory, and developed the "minimax" strategy where decision makers attempt to minimize the maximum amount of losses other decision makers can inflict."

Source: http://www.referenceforbusiness.com/encyclopedia/For-Gol/Game-Theory.html

]]>

The flaw is that they propose some framework to model these cyber security problems, but because of the computational complexity of solving these problems, they only consider very simple examples.

This would be ok if you could take the analysis of this simple problem and make some general statements that provide insight into the bigger problems. But with this setup and many others, you can't make these generalizations.

Therefore, I feel the value add for these types of theoretical papers on cyber security are very limited