Full Disclosure mailing list archives
Re: Time Expiry Alogorithm??
From: Florian Weimer <fw () deneb enyo de>
Date: Mon, 29 Nov 2004 22:55:50 +0100
* Andrew Farmer:
On 23 Nov 2004, at 15:02, Florian Weimer wrote:* Andrew Farmer:Especially considering that there aren't enough atoms in the universe to store all that precalculated data, nor enough energy to do all the calculations.Typically, such estimates ignore the possibilities of quantum superpositions.On the other hand, we have yet to create a practical quantum computer.
But you can't rule it out, either. If you are after a theoretic upper bound on computation, you have to take such possibilities into account. I don't claim that some particular algorithm or key size is insecure. I just want to point out that entropy-based arguments for the security of some algorithm against brute-force attacks are incorrect. (This still doesn't make the attacks feasible, of course.)
If quantum computing comes through (and I doubt it will), we'll all start using quantum encryption.
Quantum encryption doesn't help much because it does not protect against reencryption of the quantum channel by the attacker, only passive eavesdropping is impossible. From a practical point of view, the quantum key distribution algorithms we know today are as safe as Diffie-Hellman. The only thing QKD offers are some provable security properties. Current systems have a major drawback, too: You can't run the QKD protocols with someone who doesn't share some physical communication channel with you. This means that if some of the current quantum encryption protocols are deployed, it's likely that network operators can eavesdrop traffic at relay stations (which have to perform reencryption). Relying on well-designed symmetric ciphers with fairly large keys is probably the best choice indeed. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Time Expiry Alogorithm??, (continued)
- Re: Time Expiry Alogorithm?? Anders Langworthy (Nov 20)
- Re: Time Expiry Alogorithm?? Anders Langworthy (Nov 20)
- Re: Time Expiry Alogorithm?? Pavel Kankovsky (Nov 21)
- RE: Time Expiry Alogorithm?? Tiago Halm (Nov 21)
- Re: Time Expiry Alogorithm?? Andrew Farmer (Nov 21)
- Re: Time Expiry Alogorithm?? Georgi Guninski (Nov 22)
- Re: Time Expiry Alogorithm?? Florian Weimer (Nov 22)
- Re: Time Expiry Alogorithm?? Andrew Farmer (Nov 23)
- Re: Time Expiry Alogorithm?? Florian Weimer (Nov 23)
- Re: Time Expiry Alogorithm?? Andrew Farmer (Nov 23)
- Re: Time Expiry Alogorithm?? Florian Weimer (Nov 29)
- Re: Time Expiry Alogorithm?? Pavel Kankovsky (Nov 23)
- Re: Time Expiry Alogorithm?? Vincent Archer (Nov 22)
- Re: Time Expiry Alogorithm?? Gautam R. Singh (Nov 20)