LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 05-23-2013, 08:07 AM   #1
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269Reputation: 1269
"Uncrackable Cryptography"


http://it.slashdot.org/story/13/05/2...e-cryptography

Quote:
"One-time pads are the holy grail of cryptography — they are impossible to crack, even in principle. However, the ability to copy electronic code makes one-time pads vulnerable to hackers. Now engineers at the California Institute of Technology in Pasadena, have found a way round this to create a system of cryptography that is invulnerable to electronic attack. Their solution is based on a special kind of one-time pad that generates a random key through the complexity of its physical structure, namely shining a light through a diffusive glass plate."
So, what do you say is in "uncrackable" ?

I say how crackable it is depends a lot on your RNG.

Quote:
The security of this process depends on two factors. The first is the randomness of the digits that make up the one-time pad. If this key is truly random, it offers nothing the eavesdropper can use to break the code. Although there are some potential pitfalls, random digits are reasonably straightforward to generate these days.
http://www.technologyreview.com/view...ng-impossible/

Are they really ? I'm quite sure that true random numbers or ever cryptographically secure random numbers are very difficult to come by and difficult to verify these days. The diffusing glass approach in this article is not convincing either.

Also see:
https://en.wikipedia.org/wiki/One-time_pad#Problems

Quote:
The theoretical perfect security of the one-time-pad applies only in a theoretically perfect setting; no real-world implementation of any cryptosystem can provide perfect security because practical considerations introduce potential vulnerabilities. These practical considerations of security and convenience have meant that the one-time-pad is, in practice, little-used. Implementation difficulties have led to one-time pad systems being broken, and are so serious that they have prevented the one-time pad from being adopted as a widespread tool in information security.

One-time pads solve few current practical problems in cryptography. High quality ciphers are widely available and their security is not considered a major worry at present. Such ciphers are almost always easier to employ than one-time pads; the amount of key material which must be properly generated and securely distributed is far smaller, and public key cryptography overcomes this problem.[16]
 
Old 05-23-2013, 09:20 AM   #2
vmccord
Member
 
Registered: Jun 2012
Location: Lawrence, KS
Distribution: Mostly CentOS
Posts: 46
Blog Entries: 24

Rep: Reputation: Disabled
Way easier to crack/hack the human elements.
 
Old 05-23-2013, 02:53 PM   #3
John VV
Guru
 
Registered: Aug 2005
Posts: 12,669

Rep: Reputation: 1684Reputation: 1684Reputation: 1684Reputation: 1684Reputation: 1684Reputation: 1684Reputation: 1684Reputation: 1684Reputation: 1684Reputation: 1684Reputation: 1684
yep there will always be a " PEBCK /"PEBCAK"
 
Old 05-23-2013, 05:16 PM   #4
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Slack14_64_Multilib
Posts: 3,074
Blog Entries: 4

Rep: Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743Reputation: 743
Years ago, not having a password was a show-stopper, Now it is merely an inconvenience.
and tomorrow some "guy" will show up with a cryptographic version of the Dresden Codex.

We live in interesting times.

Martin Bishop out.

Last edited by Habitual; 05-23-2013 at 05:18 PM.
 
Old 05-23-2013, 05:38 PM   #5
dugan
Senior Member
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 4,564

Rep: Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394Reputation: 1394
Quote:
Originally Posted by Habitual View Post
And tomorrow some "guy" will show up with a cryptographic version of the Dresden Codex.
We have those. They're called rainbow tables.
 
Old 05-23-2013, 06:28 PM   #6
273
Senior Member
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64&i386, Raspbian Jessie, various VMs
Posts: 3,213

Rep: Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757
Isn't the scheme described in the original paper just Diffie–Hellman–Merkle with novel key generation?
 
Old 05-23-2013, 08:56 PM   #7
jefro
Guru
 
Registered: Mar 2008
Posts: 11,116

Rep: Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362
I don't believe in uncrackable encryption.
 
Old 05-24-2013, 11:58 AM   #8
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian
Posts: 2,396

Rep: Reputation: 814Reputation: 814Reputation: 814Reputation: 814Reputation: 814Reputation: 814Reputation: 814
Quote:
Originally Posted by 273 View Post
Isn't the scheme described in the original paper just Diffie–Hellman–Merkle with novel key generation?
It looks like the scheme they describe requires meeting to securely establish a shared secret before hand; unlike Diffie–Hellman–Merkle.
 
Old 05-24-2013, 12:07 PM   #9
273
Senior Member
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64&i386, Raspbian Jessie, various VMs
Posts: 3,213

Rep: Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757
Quote:
Originally Posted by ntubski View Post
It looks like the scheme they describe requires meeting to securely establish a shared secret before hand; unlike Diffie–Hellman–Merkle.
Ah, true. So more like a physical version.
 
Old 05-27-2013, 11:01 AM   #10
patrick295767
Member
 
Registered: Feb 2006
Distribution: Debian
Posts: 275

Rep: Reputation: 39
this reminds me the movie when one hacker try to hack a system (for $). I cannot remember me the name of the movie, maybe swordfish?
 
Old 05-27-2013, 11:07 AM   #11
273
Senior Member
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64&i386, Raspbian Jessie, various VMs
Posts: 3,213

Rep: Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757
Swordfish where he writes a virus in AutoCAD and comments his intrusion code while he's trying to breech a system as quickly as possible.
 
Old 05-27-2013, 11:25 AM   #12
trevoratxtal
Member
 
Registered: Dec 2012
Location: South Devon, UK
Distribution: PCLinuxOS, Suse, Mint, Puppy.
Posts: 35

Rep: Reputation: 3
Thumbs up What man can invent another man can reverse engineer!

I support jefro.
Quote:
Originally Posted by jefro View Post
I don't believe in uncrackable encryption.
I will stick my neck out and state Nothing is uncrackable, given the time and resource's.
Prime Minister Churchill was of the same mind, thankfully or else a different regime would rule the Western world.
Trev

Last edited by trevoratxtal; 05-28-2013 at 12:28 AM.
 
Old 05-27-2013, 11:30 AM   #13
273
Senior Member
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64&i386, Raspbian Jessie, various VMs
Posts: 3,213

Rep: Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757
Quote:
Originally Posted by trevoratxtal View Post
I support jefro.

I will stick my neck out and state Nothing is uncrackable, given the time and recourse's.
Prime Minister Churchill was of the same mind, thankfully or else a different regime would rule the Western world.
Trev
Mathematics proves you wrong:
http://en.wikipedia.org/wiki/Quantum_key_distribution
http://en.wikipedia.org/wiki/One_time_pad
Of course, we tend to trade security for convenience but there's no need to say one has to.
 
Old 05-27-2013, 07:12 PM   #14
jefro
Guru
 
Registered: Mar 2008
Posts: 11,116

Rep: Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362Reputation: 1362
"It should be noted that the researchers categorically state that while McEliece's algorithm cannot be cracked by current quantum cryptography attacks, they are not taking any bets on whether it can withstand attacks dreamt up in the future."

http://www.theinquirer.net/inquirer/...on-uncrackable


The security of a scheme is only dependent on all parts being secret. Any fraction of the key or scheme or any part of the data may result in the entire data being decoded. You know the big governments have super computers working on all this right now. Remember when pgp was in trouble for being uncrackable until the US cracked it.
 
Old 05-27-2013, 07:29 PM   #15
273
Senior Member
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64&i386, Raspbian Jessie, various VMs
Posts: 3,213

Rep: Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757Reputation: 757
Quote:
Originally Posted by jefro View Post
The security of a scheme is only dependent on all parts being secret. Any fraction of the key or scheme or any part of the data may result in the entire data being decoded. You know the big governments have super computers working on all this right now. Remember when pgp was in trouble for being uncrackable until the US cracked it.
That is true but with a one time pad you can only know the key to the plaintext that you have if you have both plaintext and cyphertext -- you cannot know or infer the key to any other cyphertext. There is no mathematical attack against it. It is 100% uncrackable, always has been and always will be.
So, then you are left with the very difficult job of key distribution. This is where the plan usually falls down in the real world when people reuse keys or lose codebooks. This is what things like quantum key exchange are there for. Theoretically speaking quantum key exchange is unbreakable -- now it will take many decades to make that theory practice.

As to the original scheme -- I agree that it sounds like it will be broken at some point in the future but I think it sounds like it may work in some situations for long enough to be worth looking at.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
What are the options "Nosuid" "mode" "size" in /etc/fstab? tuxfiles.org does not help pstein Linux - Newbie 1 11-16-2012 12:58 AM
unpredictable "delete" "move to trash" or "cut" file menu option dorianrenato Linux - General 3 11-28-2011 06:41 PM
net working eth0 eth1 wlan0 "no connection" "no LAN" "no wi-fi" Cayitano Linux - Newbie 5 12-09-2007 07:11 PM
Standard commands give "-bash: open: command not found" even in "su -" and "su root" mibo12 Linux - General 4 11-11-2007 10:18 PM
LXer: Displaying "MyComputer", "Trash", "Network Servers" Icons On A GNOME Desktop LXer Syndicated Linux News 0 04-02-2007 08:31 AM


All times are GMT -5. The time now is 12:26 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration