Re: "The State of Crypto" and simple use protocols
From: John Savard (jsavard_at_ecn.aSBLOKb.caNADA.invalid)
Date: 12/19/03
- Next message: Simon Johnson: "Re: Good enough for crypto?"
- Previous message: Danilo Gligoroski: "Re: Formulae for Latin squares of size 2^n"
- In reply to: RDJ: ""The State of Crypto" and simple use protocols"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 19 Dec 2003 07:07:34 GMT
On Thu, 18 Dec 2003 12:34:00 -0500 (EST), RDJ <r@d.j> wrote, in part:
>I recently saw Adi Shamir give a 50,000 ft. view of "The State of
>Crypto" today. His assessment was that the crypto community is doing
>pretty well: we have solid mathematical foundations for much of the
>field, with stream ciphers being the only area where he thinks the
>intelligence community is far ahead. This seems accurate; 3DES and DH
>PKC have more-or-less withstood three decades of cryptanalysis in the
>open literature, and even quantum computing won't radically alter the
>status quo, as Chaitin pointed out recently while giving his opinion
>that P!=NP.
Quantum cryptography is, of course, totally unimportant, since it's
WAY easier to just securely carry CD-ROM one-time pads from one place
to another than to rig up an elaborate spin particle beam.
What quantum computing might do, if we get it, though, is rather hard
to predict.
I can't disagree with his assessment that the crypto community is
doing pretty well. It's doing *amazingly* well, compared to what one
might have expected it to do in so short a time. On the other hand, by
some other standards, one _could_ also argue that we don't have any
real solid mathematical foundations for anything important.
Except for the one-time-pad, we don't know how secure any cipher is,
because we can't predict what things mathematicians will discover
tomorrow!
If Adi Shamir wants to dismiss that as a fair complaint about the
achievements of the crypto community, though, I won't criticize him. I
think this *is* asking the impossible. (Long-time participants in this
group will of course recall that I've bashed Terry Ritter on this
particular point often enough.)
But, all the same, it isn't good to forget that 'doing well' is not
the same thing as 'having solved the problem'. Although microprocessor
power allows such elaborate ciphers to be used as to permit some
degree of... hope... that our ciphers are secure, it is still just
hope, and not knowledge.
John Savard
http://home.ecn.ab.ca/~jsavard/index.html