Comments on Intellectual Capitalism: Cryptography -- not as secure as we thought

Tom Termini (https://www.blogger.com/profile/13359266430742140308), 2013-08-18T10:47:19.000-07:00

FOLLOWUP:

QUOTE

So the article is fluff, the details can be found in the linked paper. The gist of it is a refutation of the following assertion: if you have a set of symbols chosen with identical independent distributions and subject to some kind of coding, the result can be approximated as a uniform distribution.

The paper asserts, with a few citations to some examples, that this is a common cryptographic assumption. It is, as far as I can tell from reading the literature and talking to other practitioners, not a common assumption at all. In fact, in standard encryption systems, we assume that the plaintext is chosen with a known distribution that can be arbitrary (indeed, attacker chosen), and keys are chosen randomly.

In practice, keys are not chosen randomly, they are chosen using cryptographically secure random number generators. Those can fail, but not in the way the paper is talking about.

Certain papers, such as maybe the cited ones about biometrics and passwords, might make this erroneous assumption, but it's not common and certainly doesn't relate to what most non-practitioners would consider "encryption."

Moreover, it appears that you still can't make guesses about messages in polynomial time with this technique, you can just make them in faster exponential time. It depends highly on how the assumption was used if this matters in practice. Not having read the papers which do make this assumption, I can't say for sure, but if doing this breaks those systems in a practical sense, the schemes likely had other issues.

A better title for the article is: a few cryptographers made some dumb mistakes. Mistakes neither pervasive nor of massive consequence.

UNQUOTE

Read more here: http://crypto.stackexchange.com/questions/9741/mit-says-mathematical-theory-behind-encryption-is-wrong-what-are-the-consequen