Re: Crypto Mini-FAQ
From: Mok-Kong Shen (mok-kong.shen_at_t-online.de)
Date: 01/20/04
- Next message: Alex: "q | (p-1)"
- Previous message: Richard Heathfield: "Re: Weak keys in CDX-2"
- In reply to: Lassi Hippeläinen : "Re: Crypto Mini-FAQ"
- Next in thread: Mok-Kong Shen: "Re: Crypto Mini-FAQ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 20 Jan 2004 22:43:38 +0100
Lassi Hippeläinen wrote:
>
[snip]
> The only cryptoalgorithm that the academics have been able to prove
> secure is useless in real life. So we practising engineers have to live
> with the unproven kind, with all the mumbling, handwaving, and woodoo
> that comes with them. Maybe I should propose a conjecture: all good
> algorithms fall to Gödel's category "unable to prove either secure or
> insecure" ;-)
It seems intuitively clear that there can never be
a rigorous yet 'practically' applicable unit of
measure of 'strength' of crypto algorithms similar
to metre, second etc. in physics. So much of security
evaluation has to be more or less subjective. Actually
what faces engineers (I am referring to the fields like
mechanical engineering etc. that belong conventionally
to 'engineering') is not much essentially different,
for they also have 'unknowns'/unpredictables. What
they do is to apply in their designs a factor of safety,
which is somehow determined subjectively with reference
to experiences and certain empirical tests (full scale
or models). However, in crypto one could barely do
tests in the sense of engieering in my view. What makes
the whole even worse is the fact that there are secrets
of knowledge (apparently the agencies have certain
knowledge which they don't share with the public for
their good reasons), while this is not the case with
engineering, which is entirely public. I think that
these two factors essentially make one feel the
uncertainty in crypto uncomfortable in comparison to
the uncertainty in engineering which most people
generally take for granted.
M. K. Shen
- Next message: Alex: "q | (p-1)"
- Previous message: Richard Heathfield: "Re: Weak keys in CDX-2"
- In reply to: Lassi Hippeläinen : "Re: Crypto Mini-FAQ"
- Next in thread: Mok-Kong Shen: "Re: Crypto Mini-FAQ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
