LISTSERV - HP3000-L Archives

HP3000-L Archives

January 2001, Week 3

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L January 2001, Week 3

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Data encryption for the HPe3000
From:	Gavin Scott <[log in to unmask]>
Reply To:	Gavin Scott <[log in to unmask]>
Date:	Tue, 16 Jan 2001 13:36:08 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (42 lines)

Wirt writes:
> Gavin caustically replies:

Sorry.  The level of fuzzy thinking in the world is making me grumpy today.

> >  > 128 bit, is breakable if you know how and have a little time.
> >
> >  Care to cite a reference?  This statement is nonsense.
>
> All security is an illusion. Even if a code is "unbreakable" in the
> computational sense, getting the information contained in the code isn't
> normally all that hard -- if you're really interested. In general, all you
> have to do is ask someone for it and they're generally pleased to help.

I was complaining about the feeling a lot of people seem to have that
breaking a 128-bit crypto system is only about twice as hard as a 64-bit
one, and that there are "tricks" you can use if you're really clever, so it
really doesn't matter how many "bits" you have because the NSA will be able
to break it no matter what.

Getting actual "security" out of an encryption algorithm is very difficult
as Wirt rightly points out, since people will almost certainly attack
something other than your encryption if they want your data.

But it's wrong to just assume that a well known 128-bit encryption algorithm
can be broken using some clever tricks or "a little time", since most such
algorithms have no known (or suspected or even imagined) attacks that are
faster than a brute-force search of the keyspace, and searching a 128-bit
key space will require, on average, testing
170,141,183,460,469,231,731,687,303,715,884,105,728 different keys, and if
you can do a thousand trillion tests per second it's still going to take
5,391,448,762,278,159 years just to break one key.

Building a perfectly secure "house" is very hard, but it's not because the
materials you're building the house out of are defective.  The individual
"bricks" required (such as strong cryptography) are *extremely* strong (in
most cases perfect for all practical purposes), and provide a solid
mathematical foundation.  The problems tend to be with the occupants of the
house, who insist on leaving the windows open and the back door unlocked.

G.

ATOM RSS1 RSS2

RAVEN.UTC.EDU