Rationalising the Winds of Change
in [Cryptography]
|
Prev: DATA MINING 2010: 1st call extension – until 24 May 2010
Next: VBScript implementation of AES encryption
From: adacrypt on 4 May 2010 06:45 .. All cryptography for thousands of years has been encapsulation cryptography. The resources of both cryptographers and cryptanalysts of the day were bounded by the limitations of human intelligence and human endeavour, long-hand computational methods were de rigueur, there were no mechanical computers worth talking about in cryptography. For all that cryptanalysts were never far behind the cryptographers in breaking codes and ciphers down through the centuries. All that changed however with the advent of computers when cryptography became number-theoretic round about the 1970s. The frontiers of computational strength were expanded enormously by the computers and although cryptographers were slow to avail of this initially the industry has caught up with itself now and is addressing number-theoretic cryptography properly today. Although cryptanalysts and cryptographers are still neck and neck in the race for supremacy the industry has clearly become computer- dependent over their heads and the goal posts now are dictated by what the computer industry may come up with in the way of new powerful computers that will enable brute forcing of the encapsulation ciphers currently being used by the secure communications industry. The only antidote to this is to stop using encapsulation cryptography and go over to the one-way trapdoor (mutual database cryptography) ciphers that I am advocating This requires no hard sell to anyone with half an ounce of brains promoting this obvious change is simply pushing against an open door. This is the most profound analysis of modern cryptography that you will ever read. My cryptography disables brute forcing in cryptography for evermore and makes all cryptography independent of computer power once again in the process. - adacrypt.
From: WTShaw on 4 May 2010 14:10 On May 4, 5:45 am, adacrypt <austin.oby...(a)hotmail.com> wrote: > . > > All cryptography for thousands of years has been encapsulation > cryptography. The resources of both cryptographers and cryptanalysts > of the day were bounded by the limitations of human intelligence and > human endeavour, long-hand computational methods were de rigueur, > there were no mechanical computers worth talking about in > cryptography. > > For all that cryptanalysts were never far behind the cryptographers > in breaking codes and ciphers down through the centuries. > > All that changed however with the advent of computers when > cryptography became number-theoretic round about the 1970s. The > frontiers of computational strength were expanded enormously by the > computers and although cryptographers were slow to avail of this > initially the industry has caught up with itself now and is addressing > number-theoretic cryptography properly today. > > Although cryptanalysts and cryptographers are still neck and neck in > the race for supremacy the industry has clearly become computer- > dependent over their heads and the goal posts now are dictated by what > the computer industry may come up with in the way of new powerful > computers that will enable brute forcing of the encapsulation ciphers > currently being used by the secure communications industry. > > The only antidote to this is to stop using encapsulation cryptography > and go over to the one-way trapdoor (mutual database cryptography) > ciphers that I am advocating > This requires no hard sell to anyone with half an ounce of brains > promoting this obvious change is simply pushing against an open > door. > > This is the most profound analysis of modern cryptography that you > will ever read. My cryptography disables brute forcing in > cryptography for evermore and makes all cryptography independent of > computer power once again in the process. - adacrypt. This conclusion is not good as there are algorithms that cannot be brute forced as insufficient data will make them infeasible to attack exactly as Shannon suggested. People doing short-sighted encryption is no excuse for reasoning that you have the only and best answer because your answer is neither the only positive one not the best; This latest bright idea is dim by example based on contrary evidence, just logic not speculation. Keep trying but please look above your shoe laces. Also, I for one even look beyond the popular Bag'OWind hypothetical hysteria that computers will stay sufficiently slow to allow longer and longer "modern cipher keys" to be good for x number of years past each predictable gulp. Try using mutual data based encryption in marginal deep-space communications.
From: Gordon Burditt on 4 May 2010 16:20 >The only antidote to this is to stop using encapsulation cryptography >and go over to the one-way trapdoor (mutual database cryptography) >ciphers that I am advocating � >This requires no hard sell to anyone with half an ounce of brains � >promoting this obvious change is simply pushing against an open >door. The ciphers you are advocating have enormous administrative problems. You haven't addressed that problem at all. No one with half a brain is going to take seriously a cipher with the disadvantages: - You can only decrypt a message once. - If messages are lost, corrupted, duplicated, or arrive out of order and the recipient tries to decrypt a message out of order, the communication channel is now screwed up and useless. And the sender has no way to know this and the recipient may have no way to tell him. - It requires a secure channel to be used on a moment's notice to un-screw-up communications (why not just USE it instead?) - There's no way to tell which communication channel the message belongs to. Making an error gets the communication channel you tried out of sync. - If the enemy sends just about *anything* that looks like a message, and the recipient tries to decrypt it, the enemy has sucessfully shut off communications in a denial-of-service attack. RSA or RSA-with-symmetric-session-key has none of these problems. For much the same reason, no one is going to accept even a million-miles-a-gallon car with the restrictions: - The fuel has to be manufactured for THAT specific car, and that takes 3 months. - Fuel explodes if it remains unused for half an hour after manufacture. - You have to give the car 5 hour advance notice of left turns and having to stop.
From: Bruce Stephens on 4 May 2010 17:32 adacrypt <austin.obyrne(a)hotmail.com> writes: [...] > Although cryptanalysts and cryptographers are still neck and neck in > the race for supremacy Evidence? > the industry has clearly become computer- dependent over their heads > and the goal posts now are dictated by what the computer industry may > come up with in the way of new powerful computers that will enable > brute forcing of the encapsulation ciphers currently being used by the > secure communications industry. Apart from you, who thinks that? Do you know anybody anywhere in the world (apart from science-fiction authors) who's worried about brute force attacks against (say) 128-bit AES? [...]
From: WTShaw on 5 May 2010 22:38
On May 4, 4:32 pm, Bruce Stephens <bruce+use...(a)cenderis.demon.co.uk> wrote: > adacrypt <austin.oby...(a)hotmail.com> writes: > > [...] > > > Although cryptanalysts and cryptographers are still neck and neck in > > the race for supremacy > > Evidence? > > > the industry has clearly become computer- dependent over their heads > > and the goal posts now are dictated by what the computer industry may > > come up with in the way of new powerful computers that will enable > > brute forcing of the encapsulation ciphers currently being used by the > > secure communications industry. > > Apart from you, who thinks that? Do you know anybody anywhere in the > world (apart from science-fiction authors) who's worried about brute > force attacks against (say) 128-bit AES? > > [...] I'm not "worried" about AES but it does seem rather a lottery problem in which guessing can actually work. The characteristic of a cipher that can have a solution confirmed with a wee amount of characters is however most short-sighted when other alternatives that are much stronger than AES and a longer intercity are preferable. Ciphers with extreme variations in key lengths, all of which work, make strength selectable if there is no clear clue as to the selection. Then, there is the AES key management problem where rather a cottage industry has already cropped up. |