"Uncrackable Cryptography"
 

http://it.slashdot.org/story/13/05/2...e-cryptography

So, what do you say is in "uncrackable" ?

I say how crackable it is depends a lot on your RNG.

http://www.technologyreview.com/view...ng-impossible/

Are they really ? I'm quite sure that true random numbers or ever cryptographically secure random numbers are very difficult to come by and difficult to verify these days. The diffusing glass approach in this article is not convincing either.

Also see:
https://en.wikipedia.org/wiki/One-time_pad#Problems

Way easier to crack/hack the human elements.

yep there will always be a " PEBCK /"PEBCAK"

Years ago, not having a password was a show-stopper, Now it is merely an inconvenience.
and tomorrow some "guy" will show up with a cryptographic version of the Dresden Codex.

We live in interesting times.

Martin Bishop out.

We have those. They're called rainbow tables.

Isn't the scheme described in the original paper just Diffie–Hellman–Merkle with novel key generation?

I don't believe in uncrackable encryption.

It looks like the scheme they describe requires meeting to securely establish a shared secret before hand; unlike Diffie–Hellman–Merkle.

Ah, true. So more like a physical version.

this reminds me the movie when one hacker try to hack a system (for $). I cannot remember me the name of the movie, maybe swordfish?

:D Swordfish where he writes a virus in AutoCAD and comments his intrusion code while he's trying to breech a system as quickly as possible.

What man can invent another man can reverse engineer!
 

I support jefro.
I will stick my neck out and state Nothing is uncrackable, given the time and resource's.
Prime Minister Churchill was of the same mind, thankfully or else a different regime would rule the Western world.
Trev

Mathematics proves you wrong:
http://en.wikipedia.org/wiki/Quantum_key_distribution
http://en.wikipedia.org/wiki/One_time_pad
Of course, we tend to trade security for convenience but there's no need to say one has to.

"It should be noted that the researchers categorically state that while McEliece's algorithm cannot be cracked by current quantum cryptography attacks, they are not taking any bets on whether it can withstand attacks dreamt up in the future."

http://www.theinquirer.net/inquirer/...on-uncrackable


The security of a scheme is only dependent on all parts being secret. Any fraction of the key or scheme or any part of the data may result in the entire data being decoded. You know the big governments have super computers working on all this right now. Remember when pgp was in trouble for being uncrackable until the US cracked it.

That is true but with a one time pad you can only know the key to the plaintext that you have if you have both plaintext and cyphertext -- you cannot know or infer the key to any other cyphertext. There is no mathematical attack against it. It is 100% uncrackable, always has been and always will be.
So, then you are left with the very difficult job of key distribution. This is where the plan usually falls down in the real world when people reuse keys or lose codebooks. This is what things like quantum key exchange are there for. Theoretically speaking quantum key exchange is unbreakable -- now it will take many decades to make that theory practice.

As to the original scheme -- I agree that it sounds like it will be broken at some point in the future but I think it sounds like it may work in some situations for long enough to be worth looking at.

No, do you have some references to that? Anyway, theoretically uncrackable encryption doesn't mean you automagically have a 100% secure system, the cryptography is only a small part of it.

The intended "Catch-22s" of the one-time pad ... which is, after all, a theoretical system ... are these:

1. The totally-random key must somehow be conveyed to the intended recipient and to the intended sender, and none other, by some presumably über-secret means. [i]"But if you had that magic-carpet, why not just send the message that way?"
2. If anyone, by any means (say, a .45 in your gut) ever obtains the "secret" key, he can impersonate you.
3. If you ever run out of key, you can't send messages anymore. A replacement key can never be "sent to you."

What's a practical cryptosystem? How about VPN, or "https?" Completely transparent to both authorized-sender and authorized-recipient, yet a more than sufficient deterrent to "Eve" (unless she works for one of those secret agencies with three-letter acronyms).

Also see:
http://news.sciencemag.org/physics/2...phy-safe-again

Note that quantum key distribution is just a way to distribute a key for an encryption algorithm. Not only can the key be intercepted, but the encryption is only as strong as the algorithm +- potential backdoors for the NSA.

I don't see how this solves absolutely anything. I think they just like the sound of "quantum", something mysterious, poorly understood, and wildly random and chaotic. Really it's just an attempt at using polarized photons to send keys out in the open. I bet if they called it "polarized photon plaintext key distribution", nobody would ever speak of it again.

Yes, it's as method of key distribution. Once you can securely trade keys if those keys are a one-time-pad then you've got uncrackable encryption. The NSA can't decrypt a one-time-pad because it is impossible.
True, if you buy your key-exchange apparatus off the shelf then, perhaps, somebody made it somehow compromised but with an open specification the key exchange method can be verified and any back doors found.
If you just want an uncrackable encryption scheme right now to use with your own data you can find a true RNG and put a load of bits onto a hard drive and use that as a one-time-pad and you're golden. This is how uncrackable encryption has been done in the past and will continue to be done in the future. It's not some unattainable, magical goal just so expensive and cumbersome that most people do something else.

You can't really buy it off the shelf because you need a fiber optic cable to do it.

A TRNG is difficult to find. I'm current trying to build one from various cheap parts, maybe patent it and sell it.

The computer itself is not secure, so if someone has a backdoor into your computer, the one-time-pad is not secure running on this computer.

As I understand it there are people who will sell you a quantum encryption setup and no-doubt there are a good many struggling PHDs who would help you verify it for a fee.
I'm not suggesting that absolute security can be attained but simply stating that the encryption side of things is a solved problem and everything going on now is to make things more convenient, cheaper, or avoid the most common avenues of local attack also. Absolutely secure encryption can and, indeed, does exist and is in use.

True but that doesn't mean there can't be useful encryption in place that would take too much time to decrypt and by the time it would be cracked..contents wouldn't matter anymore since new ones would be more important and up2date. :)