-
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one. -
Re: 'Unbreakable' encryption unveiled....
YenTheFirst's post is the closest to my understanding of quantum encryption (although like most items labelled "quantum" that meaning changes drastically in context). The encryption is "unbreakable" because an attacker intercepting the message would prevent the target from receiving the message. It's not that an attacker can't decrypt the message, it's that the attacker can't do so without throwing up a giantic red flag in the process.
We all know you simply want the glory for yourself. So much pride in one person makes me weep.Originally posted by streaker69
Comment
-
Re: 'Unbreakable' encryption unveiled....
It definitely raises the effort bar for those interested in breaking it .. I don't believe it is unbreakable. It is, however, susceptible to availability flaws as far as your imagination can span.
I also can't see how this would be practically implemented outside of a lab. Surely we would need to breed more cats to have one for every key seed required in the industry. The implementation is usually the weakness ... why break the xbox encryption when you can read your key in plaintext as the hardware passes it through i/o?Last edited by converge; October 14, 2008, 07:55.if it gets me nowhere, I'll go there proud; and I'm gonna go there free.Comment
-
Re: 'Unbreakable' encryption unveiled....
That was the point of the article that started this thread. It was a demonstration of what a practical implementation of quantum cryptography might look like.
I expect that once the technology matures, governments and big companies will be using it.It's not stupid, it's advanced.Comment
-
Re: 'Unbreakable' encryption unveiled....
There's been some rather boisterous discussion of this in the past.
Also Bruce Schneier says quantum cryptography is pointless45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
[ redacted ]Comment
-
Re: 'Unbreakable' encryption unveiled....
I think rather than breaking our code, they were given the keys by traitors. I can't go into much detail but I do believe it was later proven that they had access to this inofrmation as a results of someone giving it to them rather than an ability to "break" our crypto systems.DaKahuna
___________________
Will Hack for BandwidthComment
-
Re: 'Unbreakable' encryption unveiled....
Yes I agree, that is what happened. But it just goes to show no matter how strong the front door is if you leave the keys lying around or with the wrong people someone will get in.
http://en.wikipedia.org/wiki/John_Anthony_Walker is the person you are referring to.
I think people look for end all be all product. They want something that states that yes you have arrived and don't have to think about this anymore. No such thing with security. It 's a state where you never quite reach. I could get all Zen about it but I think many people get the point that it's a continuing effort that must be re-evaluated all the time.
xor
On a lighter note I think every Infosec guy needs a Love Guru. Yeah, just saw movie On-Demand.
Last edited by xor; October 18, 2008, 07:52.Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.Comment
-
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.Comment
-
Re: 'Unbreakable' encryption unveiled....
He's one of them. Jerry Whitworth was another. You should get a couple of beers in me and get me started on those two. The amount of extra work they caused me was phenomenal. Thankfully I was never at the same command as they. I had a friend that was and they flew his ass back from the Indian Ocean to give a deposition and to question him. From what he told me, it was not a fun experience.
Yes, any enterprise encryption system has to have backdoors so that if the user screws something up, the techs can have a possiblity of recovering the information. I get a weekly email from the vendor of our whole disk encryption product with a decryption key that can be used on any disk that was propery encrypted with their product in our enterprise.DaKahuna
___________________
Will Hack for BandwidthComment
Tweet
Comment