"One-time pads are the holy grail of cryptography — they are impossible to crack, even in principle. However, the ability to copy electronic code makes one-time pads vulnerable to hackers. Now engineers at the California Institute of Technology in Pasadena, have found a way round this to create a system of cryptography that is invulnerable to electronic attack. Their solution is based on a special kind of one-time pad that generates a random key through the complexity of its physical structure, namely shining a light through a diffusive glass plate."
So, what do you say is in "uncrackable"?
I say how crackable it is depends a lot on your RNG.
Quote:
The security of this process depends on two factors. The first is the randomness of the digits that make up the one-time pad. If this key is truly random, it offers nothing the eavesdropper can use to break the code. Although there are some potential pitfalls, random digits are reasonably straightforward to generate these days.
Are they really? I'm quite sure that true random numbers or even cryptographically secure random numbers are very difficult to come by and difficult to verify these days. The diffusing glass approach in this article is not convincing either.
The theoretical perfect security of the one-time-pad applies only in a theoretically perfect setting; no real-world implementation of any cryptosystem can provide perfect security because practical considerations introduce potential vulnerabilities. These practical considerations of security and convenience have meant that the one-time-pad is, in practice, little-used. Implementation difficulties have led to one-time pad systems being broken, and are so serious that they have prevented the one-time pad from being adopted as a widespread tool in information security.
One-time pads solve few current practical problems in cryptography. High quality ciphers are widely available and their security is not considered a major worry at present. Such ciphers are almost always easier to employ than one-time pads; the amount of key material which must be properly generated and securely distributed is far smaller, and public key cryptography overcomes this problem.[16]
Years ago, not having a password was a show-stopper. Now it is merely an inconvenience.
and tomorrow some "guy" will show up with a cryptographic version of the Dresden Codex.
What man can invent another man can reverse engineer!
I support jefro.
Quote:
Originally Posted by jefro
I don't believe in uncrackable encryption.
I will stick my neck out and state Nothing is uncrackable, given the time and resources.
Prime Minister Churchill was of the same mind, thankfully or else a different regime would rule the Western world.
Trev
Last edited by trevoratxtal; 05-28-2013 at 12:28 AM.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Quote:
Originally Posted by trevoratxtal
I support jefro.
I will stick my neck out and state Nothing is uncrackable, given the time and resources.
Prime Minister Churchill was of the same mind, thankfully or else a different regime would rule the Western world.
Trev
"It should be noted that the researchers categorically state that while McEliece's algorithm cannot be cracked by current quantum cryptography attacks, they are not taking any bets on whether it can withstand attacks dreamt up in the future."
The security of a scheme is only dependent on all parts being secret. Any fraction of the key or scheme or any part of the data may result in the entire data being decoded. You know the big governments have super computers working on all this right now. Remember when PGP was in trouble for being uncrackable until the US cracked it.
Quote:
Originally Posted by jefro
The security of a scheme is only dependent on all parts being secret. Any fraction of the key or scheme or any part of the data may result in the entire data being decoded. You know the big governments have super computers working on all this right now. Remember when PGP was in trouble for being uncrackable until the US cracked it.
That is true but with a one time pad you can only know the key to the plaintext that you have if you have both plaintext and cyphertext -- you cannot know or infer the key to any other cyphertext. There is no mathematical attack against it. It is 100% uncrackable, always has been and always will be.
So, then you are left with the very difficult job of key distribution. This is where the plan usually falls down in the real world when people reuse keys or lose codebooks. This is what things like quantum key exchange are there for. Theoretically speaking quantum key exchange is unbreakable -- now it will take many decades to make that theory practice.
As to the original scheme -- I agree that it sounds like it will be broken at some point in the future but I think it sounds like it may work in some situations for long enough to be worth looking at.
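An added illustration of the two points in the post above (not part of the thread and not any poster's code): with a fresh pad, every same-length plaintext is explained by some key, so the ciphertext alone says nothing; once a pad is reused, the key cancels out and one known message exposes the other. The sample messages are constructed, and the OS CSPRNG stands in for a truly random pad, which is an assumption.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings; a pad must match the message length."""
    if len(a) != len(b):
        raise ValueError("one-time pad needs a key exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes) -> tuple[bytes, bytes]:
    """Return (key, ciphertext) under a fresh key.

    Assumption: secrets.token_bytes (OS CSPRNG) stands in for a true random
    source; strictly, a CSPRNG gives computational, not perfect, secrecy.
    """
    key = secrets.token_bytes(len(plaintext))
    return key, xor_bytes(plaintext, key)


def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Key under which `ciphertext` decrypts to `candidate`.

    One exists for every same-length candidate, which is why a single
    ciphertext cannot be attacked mathematically.
    """
    return xor_bytes(ciphertext, candidate)


def leak_from_reuse(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """If one key encrypted both messages, c1 ^ c2 == p1 ^ p2 (key cancels).

    Knowing p1 then yields p2 without ever learning the key.
    """
    return xor_bytes(xor_bytes(c1, c2), known_p1)


if __name__ == "__main__":
    p1 = b"meet at ten am"   # constructed sample messages, 14 bytes each
    p2 = b"meet at six pm"
    alt = b"stay home, bob"  # an unrelated message of the same length

    key, c1 = otp_encrypt(p1)
    # The same ciphertext "decrypts" to an unrelated message under another key.
    print(xor_bytes(c1, key_explaining(c1, alt)))

    # Operational failure: the same pad is used for a second message.
    c2_reused = xor_bytes(p2, key)
    print(leak_from_reuse(c1, c2_reused, p1))
```
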