Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!news.hawaii.edu!ames!usenet.kornet.nm.kr!news.kreonet.re.kr!usenet.seri.re.kr!news.cais.net!news.jsums.edu!gatech!swrinde!sgigate.sgi.com!sdd.hp.com!hamblin.math.byu.edu!park.uvsc.edu!usenet
From: Terry Lambert <terry@lambert.org>
Newsgroups: comp.os.linux.misc,comp.os.linux.development.system,comp.os.linux.networking,comp.unix.bsd.bsdi.misc,comp.unix.bsd.netbsd.misc,comp.unix.bsd.freebsd.misc
Subject: Re: need secure OS to entrust millions to
Date: 13 Mar 1996 01:53:31 GMT
Organization: Utah Valley State College, Orem, Utah
Lines: 76
Message-ID: <4i59qr$ggt@park.uvsc.edu>
References: <4gi6t6$3h9@lace.colorado.edu> <nc0453Dn96w6.93F@netcom.com> <4hhp71$cv9@senator-bedfellow.MIT.EDU> <4hsun4$d3h@park.uvsc.edu> <4i0blb$g2m@senator-bedfellow.MIT.EDU>
NNTP-Posting-Host: hecate.artisoft.com
Xref: euryale.cc.adfa.oz.au comp.os.linux.misc:91482 comp.os.linux.development.system:19252 comp.os.linux.networking:31505 comp.unix.bsd.bsdi.misc:2634 comp.unix.bsd.netbsd.misc:2448 comp.unix.bsd.freebsd.misc:15371
ghudson@mit.edu (Greg Hudson) wrote:
] : I refer you to Godel's Theorem.
]
] You're confused. If you think you're not confused, please explain
] the relevance of Godel's First (or Second) Incompleteness Theorem
] to this problem. You may assume that I'm familiar with the theorem.
I was referring to the implicit assumption that a fast factoring
algorithm being "impossible" makes about human knowledge of
mathematics (it assumes it is complete, and that it doesn't
contain such an algorithm).
I thought it was amusing to note that using a "negative evidence"
argument to disprove a fast factoring algorithms possibility
contradicts the completeness theorem.
I was making a funny. ;-).
] : Typical "security through obscurity" is hiding a key in a
] : search space, but not securing the location of the key itself.
]
] If you honestly believe that that is the common definition, then
] I'd appreciate it if you'd provide a reference. Certainly, it is
] not what the poster I responded to was referring to by "security
] "security through obscurity."
Again, I was trying to be funny. I failed. 8-(.
It seems to me that a known key space doesn't fall into the
"security through secrecy" definition normally attributable
only to one time pads (IMO; cv: your speculation below).
I was using a common Aristotilian mean "EITHER x OR y" to
demonstrate the absurdity of predicting mathematical knowledge.
If I had to really class it, I'd probaly call it "security through
[potentially erroneous] assumption of computational difficulty".
] : You see, I believe the NSA already has fast-factoring
] : capability based on the questions Robert Morris Senior (formerly
] : of the NSA) posed at a recent security conference.
]
] I'm happy that you know how to speculate. I can speculate that the
] NSA has a way to break any cryptosystem you come up with except
] one-time pads.
I speculate you could be correct.
] : All that's required to crack RSA is massive parallelism and a
] : willingness to epend the effort, and that's assuming nothing
] : more than a brute-force attack.
]
] If, as the key size increases, the effort required to break a
] cryptosystem expands sufficiently faster than the effort required
] to use the cryptosystem legitimately, then there will always be a
] key size which will defeat an arbitrarily amount of parallelism
] and time. Back-of-the-envelope calculations suggest that a
] 1024-bit product of two primes would require absurd amounts of
] time to factor even if every particle in the known universe were
] a supercomputer. Of course, if you speculate that the NSA has
] arbitrarily good factoring algorithms, you will never find a
] satisfactory key size.
That's right. There's also the quantum computing approach to
parallelism (yes, based on unproven theories about the "many
worlds" hypothesis) that would really throw a wrench into any
encryption system based on "computationally difficulty".
Regards,
Terry Lambert
terry@cs.weber.edu
---
Any opinions in this posting are my own and not those of my present
or previous employers.