Quote:
|
The intended "Catch-22s" of the one-time pad ... which is, after all, a theoretical system ... are these:
What's a practical cryptosystem? How about VPN, or "https?" Completely transparent to both authorized-sender and authorized-recipient, yet a more than sufficient deterrent to "Eve" (unless she works for one of those secret agencies with three-letter acronyms). |
Quote:
http://news.sciencemag.org/physics/2...phy-safe-again Note that quantum key distribution is just a way to distribute a key for an encryption algorithm. Not only can the key be intercepted, but the encryption is only as strong as the algorithm +- potential backdoors for the NSA. I don't see how this solves absolutely anything. I think they just like the sound of "quantum", something mysterious, poorly understood, and wildly random and chaotic. Really it's just an attempt at using polarized photons to send keys out in the open. I bet if they called it "polarized photon plaintext key distribution", nobody would ever speak of it again. |
Quote:
True, if you buy your key-exchange apparatus off the shelf then, perhaps, somebody made it somehow compromised but with an open specification the key exchange method can be verified and any back doors found. If you just want an uncrackable encryption scheme right now to use with your own data you can find a true RNG and put a load of bits onto a hard drive and use that as a one-time-pad and you're golden. This is how uncrackable encryption has been done in the past and will continue to be done in the future. It's not some unattainable, magical goal just so expensive and cumbersome that most people do something else. |
Quote:
A TRNG is difficult to find. I'm current trying to build one from various cheap parts, maybe patent it and sell it. The computer itself is not secure, so if someone has a backdoor into your computer, the one-time-pad is not secure running on this computer. |
As I understand it there are people who will sell you a quantum encryption setup and no-doubt there are a good many struggling PHDs who would help you verify it for a fee.
I'm not suggesting that absolute security can be attained but simply stating that the encryption side of things is a solved problem and everything going on now is to make things more convenient, cheaper, or avoid the most common avenues of local attack also. Absolutely secure encryption can and, indeed, does exist and is in use. |
Quote:
|
All times are GMT -5. The time now is 04:25 PM. |