Slashdot Mirror


1978 Cryptosystem Resists Quantum Attack

KentuckyFC writes "In 1978, the CalTech mathematician Robert McEliece developed a cryptosystem based on the (then) new idea of using asymmetric mathematical functions to create different keys for encrypting and decrypting information. The security of these systems relies on mathematical steps that are easy to make in one direction but hard to do in the other. Today, popular encryption systems such as the RSA algorithm use exactly this idea. But in 1994, the mathematician Peter Shor dreamt up a quantum algorithm that could factorise much faster than any classical counterpart and so can break these codes. As soon as the first decent-sized quantum computer is switched on, these codes will become breakable. Since then, cryptographers have been hunting for encryption systems that will be safe in the post quantum world. Now a group of mathematicians have shown that the McEliece encryption system is safe against attack by Shor's algorithm and all other known quantum algorithms. That's because it does not depend on factorisation but gets its security from another asymmetric conundrum known as the hidden subgroup problem which they show is immune to all known quantum attacks."
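
A toy version of the scheme the summary describes, added here as an illustration and not code from the post or the paper: McEliece's construction with the small Hamming(7,4) code standing in for the binary Goppa codes the real system uses. It shows the key structure (secret scrambler S and permutation P, public matrix S·G·P) and has no security at this size; all function names are assumptions of this example.

```python
import random

# Hamming(7,4): systematic generator G = [I4 | A], parity check H = [A^T | I3].
# It corrects exactly one bit error, which is all this toy needs.
A = [[1, 1, 0], [1, 0, 1], [0, 1, 1], [1, 1, 1]]
G = [[int(i == j) for j in range(4)] + A[i] for i in range(4)]
H = [[A[i][r] for i in range(4)] + [int(r == j) for j in range(3)] for r in range(3)]


def matmul(X, Y):
    """Matrix product over GF(2)."""
    return [[sum(x * y for x, y in zip(row, col)) % 2 for col in zip(*Y)] for row in X]


def vecmat(v, M):
    """Row vector times matrix over GF(2)."""
    return matmul([v], M)[0]


def inverse_gf2(M):
    """Gauss-Jordan inverse over GF(2); returns None if M is singular."""
    n = len(M)
    aug = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(M)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col]), None)
        if pivot is None:
            return None
        aug[col], aug[pivot] = aug[pivot], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = [a ^ b for a, b in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def keygen(rng):
    """Private key: (S^-1, P^-1). Public key: the disguised generator S*G*P."""
    while True:
        S = [[rng.randint(0, 1) for _ in range(4)] for _ in range(4)]
        S_inv = inverse_gf2(S)
        if S_inv is not None:
            break
    perm = list(range(7))
    rng.shuffle(perm)
    P = [[int(perm[i] == j) for j in range(7)] for i in range(7)]
    P_inv = [list(col) for col in zip(*P)]  # a permutation's inverse is its transpose
    return matmul(matmul(S, G), P), (S_inv, P_inv)


def encrypt(public, msg, rng):
    """c = m * G_pub + e, where e is a random error of weight 1."""
    e = [0] * 7
    e[rng.randrange(7)] = 1
    return [c ^ err for c, err in zip(vecmat(msg, public), e)]


def decrypt(private, cipher):
    """Undo P, correct the single error with H, then undo S."""
    S_inv, P_inv = private
    word = vecmat(cipher, P_inv)  # = (m*S)*G + e*P^-1, error still has weight 1
    syndrome = [sum(h * w for h, w in zip(row, word)) % 2 for row in H]
    if any(syndrome):
        columns = [list(c) for c in zip(*H)]
        word[columns.index(syndrome)] ^= 1  # syndrome equals the column at the error position
    return vecmat(word[:4], S_inv)  # systematic code: first 4 bits are m*S


if __name__ == "__main__":
    rng = random.Random(1978)  # constructed seed, for a repeatable demo only
    public, private = keygen(rng)
    message = [1, 0, 1, 1]     # constructed sample message
    cipher = encrypt(public, message, rng)
    print("public key rows:", public)
    print("ciphertext:     ", cipher)
    print("decrypted:      ", decrypt(private, cipher))
```

The holder of S and P decodes with the fast Hamming decoder; anyone else sees only S·G·P, which in the real scheme is meant to look like the generator of an arbitrary linear code.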

135 of 185 comments

  1. Good but not great by alphatel · · Score: 1

    Don't start feeling too secure about the so-called McEliece encryption system - a candidate for the security of Internet traffic in the age of the quantum computer (2008 article)

    --
    When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
    1. Re:Good but not great by pushing-robot · · Score: 5, Informative

      Feel secure again. Only a variant was broken.

      --
      How can I believe you when you tell me what I don't want to hear?
    2. Re:Good but not great by alphatel · · Score: 2, Informative

      > Feel secure again. Only a variant was broken.

      The date of your document July 2008 precedes the successful decryption in October 2008.

      --
      When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
    3. Re:Good but not great by pushing-robot · · Score: 1

      Which might be why it says:

      > This attack has been implemented and is now in progress.

      --
      How can I believe you when you tell me what I don't want to hear?
  2. Re:Timeless saying applies here... by Jack9 · · Score: 2, Insightful

    > If it can be engineered, it can be reverse-engineered.

    How does that apply to this article, in any way?

    --
    Often wrong but never in doubt.
    I am Jack9.
    Everyone knows me.
  3. Hidden subgroup problem is under active research by da+cog · · Score: 5, Informative

    It is worth noting that solving the hidden subgroup problem is a subfield of quantum computing that has been active for a while. Although we can't figure out how to solve it in general, we can solve specific instances of it; for example, I think that factorizing is one such instance.

    Thus, I suspect that we will eventually figure out a way to break this encryption. Even if we do, though, these mathematicians still get credit for giving us a new instance of the hidden subgroup problem to try and solve, which may give us additional insight into the extent to which the general problem can be solved by a quantum computer.

    --
    Snarkiness is inversely proportional to wisdom because it emphasizes feeling right rather than being right.
  4. Oh by Ryanrule · · Score: 1

    I see

  5. ElGamal?? by neiko · · Score: 4, Interesting

    Would ElGamal also be immune since it's based on Discrete Logarithms?

    1. Re:ElGamal?? by Narksos · · Score: 1

      > Would ElGamal also be immune since it's based on Discrete Logarithms?

      No, Shor solved the discrete logarithm problem in quantum-polynomial time too.

    2. Re:ElGamal?? by evilviper · · Score: 1

      No, but Merkle trees + Lamport signatures are: http://en.wikipedia.org/wiki/Lamport_signature

      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
    3. Re:ElGamal?? by Fnord666 · · Score: 1

      > No - both prime factorization and discrete logarithms can be done in polynomial time with a quantum computer.

      Interesting. I wonder if this extends to elliptic curves as well?

      --
      'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
    4. Re:ElGamal?? by nhaehnle · · Score: 1

      To the best of my knowledge, yes. The whole term "elliptic curve cryptography" is quite misleading. All it means is that the groups you are using come from elliptic curves instead of from (e.g.) modular arithmetic. The attacks against discrete logarithms are, as far as I know, generic in the sense that the only requirement is that you implement the group multiplication in your quantum computer. So any kind of discrete logarithm-based cryptography can be broken using quantum computers, independent of the underlying group.

  6. conspiracy theory by craftycoder · · Score: 4, Interesting

    I wonder if "THEY" already have one of these quantum computers and are keeping a lid on it so they can snoop on the PGP of our enemies. Would it be possible to develop one of these in secrecy?

    1. Re:conspiracy theory by Anonymous Coward · · Score: 2, Funny

      No. Nothing to see here.

    2. Re:conspiracy theory by Sarten-X · · Score: 1

      Possible, yes. Within the realm of imaginable possibility, no.

      --
      You do not have a moral or legal right to do absolutely anything you want.
    3. Re:conspiracy theory by debile · · Score: 1

      -----BEGIN PGP PUBLIC MESSAE BLOCK-----

      mQENBExW0NkBC ADvqmg39Grmq7Yf2WQrbcJdOyHPNg/dmh mVLmXjGtQzdf5GvRMa
      9Z5CzKtJR/eZCXRUQYpkBaQ25 ZrGWe+qGO6yUTFUKciaRqw3 REvTp35RwM7fQJdk
      5o9powG2nQLG uj55F390hprx6Gc8RTyN QrejU3IOt0gsQ3PUnSM9bSvJ8ZX3k+c2

      -----END PGP PUBLIC MESSAE BLOCK-----

      With the crypted Echelon IP I just published, if NSA has a way to decrypt the message and want to track me, Slashdot will be offline in 5, 4, 3...2......1

    4. Re:conspiracy theory by MagicM · · Score: 1

      Within the realm of imaginable possibility, yes. Within the realm of possible possibility, no.

    5. Re:conspiracy theory by woolpert · · Score: 5, Insightful

      > I wonder if "THEY" already have one of these quantum computers and are keeping a lid on it so they can snoop on the PGP of our enemies. Would it be possible to develop one of these in secrecy?

      Simplistically:
      If THEY bought out 50% of the researchers in the field, without arousing suspicion amongst those who turned down the offer, THEY would only have a 50% chance of having one first.

      More realistically,
      If THEY bought out a significant percentage of the researchers in the field, without arousing suspicion amongst those who turned down the offer, THEY would likely only be a few months / years (at best) ahead.
      And since the outlook on the QC front is rather bleak (in terms of a functional QC with any real power) the odds are strongly in favor of THEY not having squat.

      Especially in today's world it isn't like top researchers are fragmented and isolated. In the past it was possible for a governmental organization to use its greater vision to collect isolated researchers and be the first to introduce them to each other, magnifying their individual efforts. Today everybody who is anybody in these fields is at least aware of the others, if not following closely.

    6. Re:conspiracy theory by Anubis+IV · · Score: 2, Insightful

      Of course, your point doesn't consider the fact that the information sharing only goes one way. If THEY come up with something new, it's not always put back out into the field where it can be worked on by others and built upon. If THEY then find something new, THEY can be the first and only ones building upon it, and THEY do not have to sacrifice the ability to build on everything else that is coming out in the field as well. If that something new is a breakthrough concept, then THEY may be able to build a lead of years or decades. Of course, as you pointed out, researchers tend to be much more aware of what is going on these days than in the past, due to the speed and ease of communication, which reduces both the likelihood of THEM getting a breakthrough first and also reduces the time that THEY will likely be the only ones exclusively holding that knowledge. Despite that, I seem to recall hearing stories of various encryption ideas the NSA developed in the '70s and '80s which weren't developed in the open until the late '90s and early 2000s (sorry, no citation).

    7. Re:conspiracy theory by Hawke666 · · Score: 1

      "MESSAE BLOCK"?

    8. Re:conspiracy theory by metacell · · Score: 1

      Of course we don't have any of the quantum computers the grey aliens ga... eh, I mean, we haven't come that far yet.

    9. Re:conspiracy theory by Anonymous Coward · · Score: 1, Funny

      > "MESSAE BLOCK"?

      You've broken the encryption!

    10. Re:conspiracy theory by metacell · · Score: 1

      Damn! They got to him before he posted!

    11. Re:conspiracy theory by AliasMarlowe · · Score: 1

      > I wonder if "THEY" already have one of these quantum computers

      Pardon my lack of paranoia. It's because "they" are out to get you, not me.

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
    12. Re:conspiracy theory by euxneks · · Score: 2, Funny

      > Simplistically: If THEY bought out 50% of the researchers in the field, without arousing suspicion amongst those who turned down the offer, THEY would only have a 50% chance of having one first.

      Unfortunately, that same 50% chance collapsed to a more stable 0 once observed.

      --
      in girum imus nocte et consumimur igni
    13. Re:conspiracy theory by gringer · · Score: 1

      > With the crypted Echelon IP I just published, if NSA has a way to decrypt the message and want to track me, Slashdot will be offline in 5, 4, 3...2......1

      127.0.0.1? Why am I able to log into that with my current username and password?

      --
      Ask me about repetitive DNA
    14. Re:conspiracy theory by mrops · · Score: 1

      So what you are saying is that both the possibilities exist but we won't know until the cat is out of the box, where did I hear this before?

    15. Re:conspiracy theory by rahvin112 · · Score: 1

      Real World:

      The NSA creates a front company called Quantum Research and funds it with black project money.

      DARPA creates a front company called Skynet Research Ltd and again funds it with black project money which is unreported to congress or the public.

      Both companies then hire CEOs from the public sector and give them no knowledge who they really work for. Quantum Research then gets "VC Money" from Skynet Research and goes on a hiring spree to develop quantum computers and hires and provides grants to 50% of the quantum research field. After successfully creating a quantum computer and producing a few "prototypes" said company declares to their employers that the cash has run out and they are going into liquidation. Said prototypes appear to disappear into liquidation and are never "seen" again.

      And because everyone thought the companies were legitimate businesses not government research no one is the wiser to what has occurred.

      This is standard operating procedure for the spy agencies and research branches like DARPA. DARPA seeds the educational community across many apparently unrelated disciplines. The NSA then creates front companies with access to the DARPA research, drives the company like an innovative startup, once innovation or invention occurs the company is folded and the assets or inventions are sequestered to the NSA with a few key employees that all along knew they were working for the NSA who then take the prototypes, enhance them and working with defense contractors replicate and expand the computers.

      Just FYI the NSA is building a 50,000+ square foot computer complex in Utah on a military base (Camp Williams) that is going to use so much power they have to build a power plant to power it.

    16. Re:conspiracy theory by garyebickford · · Score: 1

      So the top five people in QC go to the international conference in Hawaii. Two of them have cooperated on a revolutionary new method, but since it's so new they have made some hints, but haven't been able to share any of the details with their colleagues but they will be doing a short intro at the conference.

      While they are in Hawaii they all 'happen to' all be winners of a conference-provided free sightseeing helicopter ride around Kauai. The tourists on the cliffs see that the helo, instead of staying close to the island, seems to be having some trouble and warps out of sight of land into a cloud layer, and is never heard from again. Some wreckage is found, but it's impossible to search the deep water. After a few days, all hope is lost and the world mourns the loss of this important cadre of leaders in the field, and progress in QC is set back ten years.

      Meanwhile, one of the Navy's subs departs Pearl Harbor for a routine cruise, but an accident on board requires it to return to the highly secure Bremerton sub base for repairs. At the base, some injured personnel are lifted out of the sub inside protective hazmat suits, and whisked away to an unknown location for 'decontamination'. A few days later a minor press release reports that the personnel (who can't be named for privacy reasons) are all OK.

      I've been reading too much Tom Clancy! :D

      --
      It's easier to be a result of the past, but more fun to be a cause of the future! http://www.spacefinancegroup.com/
    17. Re:conspiracy theory by Omnifarious · · Score: 1

      > Despite that, I seem to recall hearing stories of various encryption ideas the NSA developed in the '70s and '80s which weren't developed in the open until the late '90s and early 2000s (sorry, no citation).

      Of course, the late 90s and early 2000s were also when the serious speed and ease of communication issues were really addressed for the majority of researchers. So this fact, if anything, decreases the probability that a major player has managed a serious breakthrough that it's successfully kept hidden.

    18. Re:conspiracy theory by garyebickford · · Score: 2, Informative

      Only 50,000 sq. ft.? Times have changed, computers are getting smaller as they get bigger. Back in the day, that was a mid-size corporate server farm. Of course now, that's a lot more computing power.

      As for power, most secure computing facilities have their own power generation capability - if nothing else then just a motor-generator to assure clean power all the time. An old Army base's power system is not likely to be up to the standards of today for this purpose.

      There's a facility in the wilds east of Bend OR that was built in the 1980s as a backup government facility in case of nuclear war - this is where the Western governors and such were going to hang out till the radiation in the big cities got down to a reasonable level. It has about 40,000 sq. ft. of raised floor, plus a couple of acres worth of space for people, with food and everything you need for 150 people for a year, four hidden satellite dish platforms, four diesel generators each the size of a large room, and a fuel supply the size of an Olympic swimming pool.

      --
      It's easier to be a result of the past, but more fun to be a cause of the future! http://www.spacefinancegroup.com/
    19. Re:conspiracy theory by Nursie · · Score: 1

      They are estimated to be 20 years ahead of the civilian world when it comes to encryption research in the opinion of AC posters on slashdot.

      It seems to be some sort of hero-worship of the US government that's prevalent here. I'm sure they do a lot, and we know that they find weaknesses in some stuff before others do, but I do not believe for one second that they have access to hardware types that are not even in the experimental prototype stage yet.

    20. Re:conspiracy theory by gtall · · Score: 1

      Alright, damnit! You caught us, us being they. Our representatives will be contacting you shortly to see about how you came by this wonder.

  7. Re:Timeless saying applies here... by kalirion · · Score: 4, Insightful

    > If it can be engineered, it can be reverse-engineered.

    That only works for "security through obscurity" type of problems. A good encryption should not be "solvable" - it must be brute forced. The question is how expensive the brute force method is in processing power and time.

  8. Re:Timeless saying applies here... by da+cog · · Score: 5, Insightful

    It doesn't apply to this article. The way that one typically breaks a cryptosystem is not by reverse engineering (which is not even meaningful here, given that the algorithm is already completely open), but by finding a clever new way to solve the mathematics underlying the system using less information than the designers of the system had thought was needed.

    --
    Snarkiness is inversely proportional to wisdom because it emphasizes feeling right rather than being right.
  9. Re:Can be broken? by Reason58 · · Score: 2, Informative

    This is not a brute-force attack. The article refers to a method of deriving the private key from the public key (which is available for anyone to download).

  10. If you want to test it by Atmchicago · · Score: 4, Funny

    Send a bunch of encrypted e-mails containing questionable content and see if anyone comes knocking at your door. And be sure to not send any questionable content unencrypted, or to give any other reasons for them to show up.

    --
    You can lead a horse to water, but you can't make it dissolve.

    1. Re:If you want to test it by fishexe · · Score: 3, Funny

      > Send a bunch of encrypted e-mails containing questionable content and see if anyone comes knocking at your door. And be sure to not send any questionable content unencrypted, or to give any other reasons for them to show up.

      But how will I know they're not just knocking at my door out of a desire to make my acquaintance?

      --
      "I don't care about the Constitution!" --Bill O'Reilly, November 17, 2009
    2. Re:If you want to test it by Anonymous Coward · · Score: 5, Interesting

      Even then, they would probably spend a long time creating other circumstances in which to pick you up that would give plausible deniability as to how they caught on.

      One can google one's own references as I'm sort of lazy today, but a good example: the British had thoroughly broken Enigma during WWII, and at one point in the war knew where -every- German U-boat was. This created a dilemma for them: should they act on this information, and if so, how to do it without tipping their hand? If they just went and rounded up every single one, it would be pretty obvious that the code had been broken.

      What they did, according to the stories, is send out disinformation that a) they had ramped up production of a bunch of new long-range sea-spotting planes (they didn't, they only had the resources for a few); and b) these planes would fly near where they already -knew- the U-boat was, and 'spot it' (making sure it was obvious they'd been seen by the U-boat itself before flying back). The British were also careful not to find too many U-boats -- only the ones that they needed out of the way for critical operations. The Germans were convinced they just had really bad luck and were the victim of a very expensive and thorough patrol system by the British.

      If the guys in dark suits can crack PGP, Blowfish, etc. easily, they won't obviously act on it until they first get dirt on you via other means. :p

    3. Re:If you want to test it by superdave80 · · Score: 1

      That's a great idea. However, I'm not sure what you mean by 'questionable content'. Would you mind emailing me a few examples?

    4. Re:If you want to test it by c6gunner · · Score: 5, Funny

      > But how will I know they're not just knocking at my door out of a desire to make my acquaintance?

      Easy. If they use your door knocker, they want to make your acquaintance. If they bring their own, they're coming for more than tea and crumpets.

    5. Re:If you want to test it by Gaffod · · Score: 1

      > If they just went and rounded up every single one, it would be pretty obvious that the code had been broken.

      If they rounded up every single U-Boat, I don't think it would matter whether the Germans know if it is broken- seeing as how they wouldn't have any U-boats left to send secret messages to.

    6. Re:If you want to test it by julesh · · Score: 1

      > Surely they used Enigma for other critical long-distance communications as well!

      Indeed. It was also used to communicate with the Luftwaffe, hence the widespread myth that decrypting Enigma meant that the devastating attack on Coventry could have been prevented (it couldn't: the Germans used a defence-in-depth system that used codewords to identify particular targets; that a massive attack was planned was known, the identity of the target was not).

    7. Re:If you want to test it by Calinous · · Score: 1

      The U-Boats (for most of the war) were under orders to report contacts (via Enigma machines). Doubts about broken encryption would have been enough to put them into "communicate only if attack is impossible" - which would have been a huge problem, considering there weren't enough patrols to cover everything.

    8. Re:If you want to test it by geggo98 · · Score: 2

      Better yet: The British military created an urban legend, still famous today. They spread the word that eating carrots would improve vision and this would help them to spot submarines more easily. Although this was not done to cover that they broke Enigma, but to hide the fact that they invented radar. (Source)

      But the fact remains: To hide an invention they used misinformation. And they did it so well, that it is still effective today.

    9. Re:If you want to test it by mr_mischief · · Score: 1

      Yes, please have jam and marmalade.

    10. Re:If you want to test it by steelfood · · Score: 1

      It's pretty simple. Unless you're distributing some kind of information that they don't want you to (copyrighted material, classified information, trade secrets, etc.), you have to eventually come out of your shell and put to action those plans you and your conspirators have been working so hard to perfect while keeping secret.

      It's then pretty easy to nab you right as you're putting those plans into action, or as you're about to put the final piece into its place.

      But any mastermind coordinating some kind of nefarious plan over the internet deserves to be nabbed.

      --
      "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
    11. Re:If you want to test it by Gaffod · · Score: 1

      I don't think you have read the post you replied to. The point was, "if you neutralize every element of the enemy's fleet by cracking their codes, the enemy will indeed become aware that the code is compromised. This will not matter because they will not have left any elements in their fleet to act upon the knowledge with".

      You know, like how if you siege and capture a castle, it will become apparent that your intent was to attack the castle. Except, who cares, because, you know. You already captured the castle.

    12. Re:If you want to test it by KDR_11k · · Score: 1

      Except it wasn't only the submarines that used the encryption so sinking them all would still leave other troops alerted.

      --
      Justice is the sheep getting arrested while an impartial judge declares the vote void.
    13. Re:If you want to test it by Gaffod · · Score: 1

      Except it wouldn't matter, because Germany would have no naval presence left.

    14. Re:If you want to test it by KDR_11k · · Score: 1

      Let's not forget that this is WW2 technology, unmanned drones aren't that simple. The V1 was pretty much pre-programmed and the Goliath used a wired remote control. Dummy subs wouldn't be able to keep moving over the timespans you need to place them and then get away.

      --
      Justice is the sheep getting arrested while an impartial judge declares the vote void.
  11. New asymmetric algorithms needed? by mlts · · Score: 4, Interesting

    Symmetric algorithms are at least in their second generation (DES/Lucifer now AES) of production use, with decades of study and close analysis by a lot of good minds.

    Asymmetric algorithms are still essentially the first generation. Take RSA. It has been out for so long that its patent has expired more than 15 years ago. Even elliptic curve cryptography has been out at least 20 years, because the NeXT had it in NeXTStep 3.0 (and ended up getting pulled out of the OS due to ITAR).

    Even cryptographic hashes have been through a number of iterations. We had MD4, then MD5, then SHA-1, then SHA-256, now are looking for something to replace SHA, similar to how Rijndael replaced 3DES and DES.

    Maybe it is time to have a contest to have a standard asymmetric algorithm to replace RSA, DSS, and ElGamal? Something fundamentally designed to resist quantum computer attack as well as other threats.

    1. Re:New asymmetric algorithms needed? by mlts · · Score: 2, Informative

      Three reasons:

      1: Public keys are not just used for real time exchanges. Public keys are sometimes used for data archiving where the private keys are held in an offline area. Same with keys that sign programs to detect tampering.

      2: Quantum links are really, really slow. Instead of a one time pad, realistically you want to generate a key through the secure channel via a Diffie-Hellman handshake that is used for some time then chucked (like for a transaction or for a chunk of data.) Then send the bulk data through a standard link.

      3: Quantum key exchanges have had some issues that could allow an attacker to get knowledge of the key.

      4: One would have to drop parallel pipes everywhere that supported quantum channels. It is hard to get ISPs to drop one chunk of fiber, much less the fiber needed to interconnect for the secure quantum channels and the partial photons.

      5: There is the issue of trust. You can set up a quantum exchange with another machine and come up with a key that you know hasn't been touched... but is that really your bank, or is it some site in Elbonia that is patched in? Quantum key selection won't help you here in knowing that you are talking to the right host.

      Regardless, even if we had secure point to point connections via quantum key generation and bulk tunnels, public key cryptography is still an important part of life, even if it is to sign documents and ensure they won't be tampered with.

    2. Re:New asymmetric algorithms needed? by Timothy+Brownawell · · Score: 1

      Because for a lot of uses, that would be solving the wrong problem.

    3. Re:New asymmetric algorithms needed? by Kjella · · Score: 1

      If we had a fundamental understanding of problems that aren't solvable by quantum computing, some insight into whether P != NP or not then maybe. But we don't and until then, RSA has a lot going for it - for one it's extremely simple. So simple we went through and did examples on paper, of course with reduced bits. People have been trying to find an algorithm to factor integers for the last 2000 years, it's not a trivial task using conventional computers.

      Shor's algorithm is impressive but it needs registers of q qubits where N^2 < 2^q < 2N^2, and N is 2048 bits which makes N^2 4096 bits so you need ~4096 qubits. So far the top public scientists are having huge issues getting more than a handful of qubits working together in a coherent state, and the problems only grows worse the more bits you add to the mix. Of course someone is going to suggest the possibility that the NSA might have overcome all that, but if so they're way, way ahead of the state of the art, and I don't mean in maths but more in physics and engineering. To put it this way, if they're that far ahead of the game we should ask them for the plans for the space elevator...

      --
      Live today, because you never know what tomorrow brings
    4. Re:New asymmetric algorithms needed? by FrangoAssado · · Score: 2, Insightful

      What you're describing is an NP-complete problem -- assuming P != BQP != NP. But I'm guessing that you already know that :)

      Still, it's still very hard to build a cryptosystem that exploits the hardness of solving NP-complete problems. The main problem is, NP-completeness only guarantees that some instance of the problem is hard, it says nothing about a specific instance. So, for instance, if you have a specific 3-SAT formula, there's no guarantee someone can't come up with a solution for it in polynomial time.

      That being said, there are some candidates for a cryptosystem based on NP-completeness. Check for example the McEliece cryptosystem.

    5. Re:New asymmetric algorithms needed? by daveime · · Score: 1

      Umm, TWIRL and TWINKLE are essentially flashing lights in cardboard tubes, and an awful lot of handwaving by the "inventor".

      I know one instance of RSA-768 that was broken using NFS, but hadn't heard anything more recent than that, certainly nothing using a glorified kaleidoscope.

    6. Re:New asymmetric algorithms needed? by julesh · · Score: 1

      > 5: There is the issue of trust. You can set up a quantum exchange with another machine and come up with a key that you know hasn't been touched... but is that really your bank, or is it some site in Elbonia that is patched in? Quantum key selection won't help you here in knowing that you are talking to the right host.

      Actually, yes it does. You'll need a shared secret, but that shouldn't be too hard to arrange with your bank, right? It doesn't even need to be particularly secure, as there's no practical brute force attack to attempt to discover it. You could use your ATM card PIN and you'd be perfectly secure.

    7. Re:New asymmetric algorithms needed? by Kjella · · Score: 1

      > Umm, TWIRL and TWINKLE are essentially flashing lights in cardboard tubes, and an awful lot of handwaving by the "inventor".

      Yup. Though I'd consider it possible that the NSA can brute force a 1024 bit key, given enough interest. However, that's no reason to abandon the algorithm as you can just increase key length to 2048 or 4096 bit. It's essentially just the same as increasing a symmetric key from 64 to 128 or 256 bit, huge difference in security.

      --
      Live today, because you never know what tomorrow brings
    8. Re:New asymmetric algorithms needed? by mlts · · Score: 1

      With my bank, yes, there is a shared secret. However, what if I'm buying a new vend-a-goat machine from a bovine supply house's website, some place where I have had no previous dealings, so establishing a shared secret, even a 4 digit PIN is not possible? My only other avenue would be to find the bovine supply house's phone number and set up a preshared secret over the phone. However, if the only info about the phone number's location is on the Web, then that becomes pointless.

      Of course, we could get into trusted parties, but some CAs are barely trustable with telling you that a key is actually belonging to the claimed party, much less knowing symmetric keys in a conversation.

      Public key encryption solves a lot of problems. Without it, it will be hack beyond hack to try to get symmetric keys working between people who don't know each other, not to mention the sheer amount of storage of private nonces.

      Another example: Say 1000 people want to have encrypted communication with each other. If they have a WoT, all one would need is the private key of a trusted introducer who signed that the 999 other people are legit. Otherwise, they would need 1000 symmetric keys. To boot, a public key doesn't have to be kept hidden, while the 1000 symmetric keys would cause a lot of damage if they were divulged.

  12. The article agrees with you by fishexe · · Score: 5, Informative

    Thus, I suspect that we will eventually figure out a way to break this encryption. Even if we do, though, these mathematicians still get credit for giving us a new instance of the hidden subgroup problem to try and solve, which may give us additional insight into the extent to which the general problem can be solved by a quantum computer.

    From TFA:

    However, it's worth pointing out that while the new work guarantees safety against all known quantum attacks, it does nothing of the sort for future quantum attacks. It's perfectly possible that somebody will develop a quantum algorithm that will tear it apart as easily as Shor's can with the RSA algorithm. "Our results do not rule out other quantum (or classical) attacks," says Dinh and co.

    --
    "I don't care about the Constitution!" --Bill O'Reilly, November 17, 2009
    1. Re:The article agrees with you by DarkKnightRadick · · Score: 5, Funny

      You read the article?!

      --
      "There is a way that seems right to a man, but its end is the way of death." Proverbs 16:25 (NKJV)
    2. Re:The article agrees with you by fishexe · · Score: 1

      You read the article?!

      No, I used my quantum computation abilities to tell me what must be in it.

      --
      "I don't care about the Constitution!" --Bill O'Reilly, November 17, 2009
  13. It's "Caltech", not "CalTech" or "Cal Tech" by 3.1415926535 · · Score: 2, Informative

    Seriously, Slashdot gets it wrong EVERY TIME. Next time, would it kill the editor to go to http://www.caltech.edu/ and, you know, read any of the words on the page?

    1. Re:It's "Caltech", not "CalTech" or "Cal Tech" by Anonymous Coward · · Score: 3, Funny

      Pidantic much? {sic}

    2. Re:It's "Caltech", not "CalTech" or "Cal Tech" by lgw · · Score: 1

      Slashdot has editors? You do realize that the guys who post stories on the front page aren't editors in the classic sense, right? They have only the "content controller" role, and don't do the sort of editing one associates with "edited prose". Your UID is low enough that none of this should be news to you.

      Also, no one cares how you spell Cal Tech.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    3. Re:It's "Caltech", not "CalTech" or "Cal Tech" by WillDraven · · Score: 1

      Well, they sure as hell have changed around the wording for every story I've ever had accepted. If that's not editing, what the hell is it?

      --
      This is my sig. There are many like it but this one is mine.
    4. Re:It's "Caltech", not "CalTech" or "Cal Tech" by lgw · · Score: 1

      Entropy.

      --
      Socialism: a lie told by totalitarians and believed by fools.
  14. Re:Timeless saying applies here... by Frequency+Domain · · Score: 5, Insightful

    Actually, with really hard-core crypto systems there are three traditional ways to break them: 1) rubber hose; 2) dumpster diving; or 3) box of chocolates/bouquet of roses.

  15. Optimist by cowboy76Spain · · Score: 1

    I think you are too optimistic. I do not mean that "THEY" have one (I do not know/not answer). The issue is that the statement should read:

    I wonder if "THEY" already have one of these quantum computers and are keeping a lid on it so they can snoop on the PGP of their enemies.

    After all, why limit it to only "ours" enemies after spending so much on it?

    --
    Why can't /. have a rich-text editor? Editing your own HTML is so XXth century.
  16. Re:Its callled a "one-time" page by supradave · · Score: 1

    Of course, that presumes a purely random one-time pad.

  17. Re:Timeless saying applies here... by Ancient123 · · Score: 1

    Mod parent up... It is surprising how true that is.

  18. Re:Timeless saying applies here... by ae1294 · · Score: 2, Funny

    Actually, with really hard-core crypto systems there are three traditional ways to break them: 1) rubber hose; 2) dumpster diving; or 3) box of chocolates/bouquet of roses.

    What no wad of Cash xor hookers & blow?

  19. Re:Its callled a "one-time" page by blueg3 · · Score: 1

    And a secure system for transmitting this pad from the sender to the receiver.

  20. Early connection? by steve_bryan · · Score: 5, Interesting

    A sociological observation is that Shor was an undergrad at Caltech when McEliece was a professor there formulating the cryptosystem that would resist the quantum algorithm that Shor would develop years later. I wonder if they knew each other.

  21. Re:Its callled a "one-time" page by Sir_Lewk · · Score: 1

    1) I think (hope) you mean WPA2, not WEP2...
    2) The proof for the perfect security of OTPs only applies if the pad is random. Not pseudo-random. You seem to be describing what amounts to a very primitive pseudo-random number generator, using pages of books as seeds. If you are not using random information, it is incorrect to call it a one time pad.

    --
    "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
  22. Re:Its callled a "one-time" page by HeckRuler · · Score: 1

    Wow you're ignorant. Or a very subtle form of funny.
    Randomly generated one-time pads are definitely unbreakable. But the problems are generating the key and getting the key to the target as the key is as big as the text. So if you're using this to encrypt a connection, you need to split a 1Gig key, physically hand it to the target, and then you have 1Gig of communication before you need to hand him another stack of pads. It's good for sending code-words and like, emergency e-mails or something, but not constant communication channels.

    Wait... you're using a pad for the key to a WEP2 encryption? And you're using books to generate the pads... that's... wow dude. Just wow.

  23. Re:Timeless saying applies here... by Hylandr · · Score: 1

    It doesn't apply to this article. The way that one typically breaks a cryptosystem is not by reverse engineering (which is not even meaningful here, given that the algorithm is already completely open), but by finding a clever new way to solve the mathematics underlying the system using less information than the designers of the system had thought was needed.

    So, you're saying 640k should be enough?

    - Dan.

    --
    ~ People that think they are better than anyone else for any reason are the cause of all the strife in the world.
  24. Secure encryption by SnarfQuest · · Score: 2, Interesting

    The only encryption method I've heard about that has not been found to be breakable is the one time pad. This method has the problem of exchanging the pads beforehand.

    All of the major encryption machines used during WWII appear to have been broken. The new encryption methods are currently much harder to break, but the spooks are likely to discover some innovative method to break such algorithms.

    Current methods using large prime numbers sound like they are soon (next few decades) to be broken. If we got into a war where breaking these methods became important, I'm sure that quantum computers would soon become available, if they aren't already. Even if quantum algorithms aren't available, someone might come up with a way to calculate prime factors using a bacteria colony through DNA molecules. A method may cost a million dollars per factor found, but sometimes that is small change for the information gained.

    I'm sure that there are groups looking for the next level of encryption. Something that isn't compatible with quantum methods, or requires it to reverse the encrypted data. Making it take longer and be more expensive to break is the goal of encryption.

    --
    Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
    1. Re:Secure encryption by cowscows · · Score: 1

      I'm not convinced that all these major breakthroughs in computing are just sitting right out of reach, waiting for a little war funding to make it happen. Computer technology has been moving so quickly the past couple of decades, and there's so much money to be made in these various fields, I'm sure the best and brightest are already working plenty hard on it.

      --

      One time I threw a brick at a duck.

    2. Re:Secure encryption by SnarfQuest · · Score: 1

      Not saying they wouldn't be developed, just saying that if you put a Manhattan-type wartime budget/manpower behind it, that it would probably be developed faster.

      --
      Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
  25. Re:Timeless saying applies here... by sznupi · · Score: 2, Funny

    W8, why both of them wouldn't work?

    --
    One that hath name thou can not otter
  26. Re:Timeless saying applies here... by treeves · · Score: 3, Interesting

    That falls under the generalization of (3).
    (1) Threat/intimidation/violence
    (2) Exploit a careless mistake
    (3) Bribery/persuasion

    I suppose (1) and (3) even could blur together into "influence" (negative and positive).

    --
    ...the future crusty old bastards are already drinking the Kool-Aid.
  27. Re:Timeless saying applies here... by shinzawai · · Score: 1

    In the morning.

  28. Re:Timeless saying applies here... by CarpetShark · · Score: 1

    If it can be engineered, it can be reverse-engineered.

    How does that apply to this article, in any way?

    I think he's saying that this article does not qualify for reverse-engineering ;)

  29. Re:Timeless saying applies here... by modmans2ndcoming · · Score: 1

    I don't think XOR is the appropriate logic operator. cash is not mutually exclusive from hookers and dope as a bribe.

  30. I'm sorry, I'm an idiot- by way2trivial · · Score: 1

    In the simplest of terms

    I thought the whole point of the quantum computer was that it did the equivalent of brute forcing every single possible answer simultaneously

    instead of checking a password say from

    a
    b
    c ..z
    aa
    ab
    ac ..az
    ba
    bb
    bc ..bz

    so a one letter password (normal computer) can be checked in 26 steps, and a 2 letter password in 676 steps..
    each once then proceeding,

    and on a quantum computer, I thought it threw the equivalent of the OED (all possible answers, all possible combinations) at the same time.

    but only responding with the correct answer

    will someone please tell me where my basis is way off?

    --
    every day http://en.wikipedia.org/wiki/Special:Random
    1. Re:I'm sorry, I'm an idiot- by PvtVoid · · Score: 1

      will someone please tell me where my basis is way off?

      ... and how do you get the answer to a particular choice of password out of the quantum computer?

    2. Re:I'm sorry, I'm an idiot- by NonSequor · · Score: 2, Interesting

      No, it doesn't brute force every possible combination. You can perform an operation on a superposition of all possible k-bit strings, but you can't actually get all of the 2^k outcomes of that operation. If you measure the result, you'll get one of the 2^k outcomes at random.

      Basically you start from that superposition of k-bit strings, then you apply some operations to that state so that all of the correct answers are in phase with each other and constructively interfere. Effectively, you can only apply this kind of speed-up if you can exploit the numerical properties of the problem to ensure that this happens.

      --
      My only political goal is to see to it that no political party achieves its goals.
    3. Re:I'm sorry, I'm an idiot- by julesh · · Score: 1

      Simplistically: there are only certain algorithms it can perform such a search over. One of them is factorization (Shor's algorithm), and this can be applied to most current asymmetric ciphers because they're essentially isomorphic to one another.

  31. Re:Timeless saying applies here... by ae1294 · · Score: 1

    I don't think XOR is the appropriate logic operator. cash is not mutually exclusive from hookers and dope as a bribe.

    True but when you mix the two something odd happens and all of the money gets overwritten with blow somewhere in the FIFO buffer...

  32. Re:Timeless saying applies here... by ae1294 · · Score: 3, Funny

    WTF... OK... I can deal with slashdot being overrun by morns who know little but act big, but now we have to put up with text-ese ?

    His UID is lower than yours so shouldn't it be "I can deal with that slashdot was overrun by morns who knew little when I signed up. (eol)"

  33. Re:Anonymous Coward by geekgirlandrea · · Score: 1

    Quantum computers only provide a quadratic speedup for search problems like brute-forcing cryptography. Current secret key algorithms are safe.

  34. Feed him some cat food by A+nonymous+Coward · · Score: 3, Funny

    Maybe he did, maybe he didn't.

  35. Re:Timeless saying applies here... by ae1294 · · Score: 1

    I love you too... but it's a secret remember?

  36. Re:Timeless saying applies here... by human-cyborg · · Score: 1

    I can engineer a dead flower by leaving a live flower on a table without water for a week. Can you reverse engineer a living flower from that dead flower?

  37. Re:Timeless saying applies here... by ae1294 · · Score: 1

    Cash is actually the superposition of hookers and blow.

    I propose we petition for a grant to study this theorem in extreme detail as it just might lead to a grand unifying theory with black jack.

  38. Re:Timeless saying applies here... by Anonymous Coward · · Score: 1, Insightful

    This exchange is illustrated here:

    http://imgs.xkcd.com/comics/security.png

  39. Re:Timeless saying applies here... by SageMusings · · Score: 1

    and hookers. Okay, forget the Black Jack!

    --
    -- Posted from my parent's basement
  40. Re:Timeless saying applies here... by modmans2ndcoming · · Score: 1

    This is a newer ID. I have been on slashdot since '99

  41. Introduction to post-quantum cryptography by Anonymous Coward · · Score: 2, Informative

    There is an old paper, written by DJB, which gives a quick introduction to some (this and) other quantum computer resistant encryption methods: Introduction to post-quantum cryptography

  42. Re:Timeless saying applies here... by McGiraf · · Score: 1

    yes, take the seeds in it and plant them.

    Easy,

  43. Arxiv paper by da+cog · · Score: 1

    Here is a link to the paper on the arxiv:

    http://arxiv.org/abs/1008.2390

    Reading through the abstract, I see that a significant feature of this cryptosystem is that it cannot be solved by "strong Fourier sampling", which makes the situation more interesting because it is only a slight exaggeration to say that quantum Fourier transforms are the only trick we know of that lets us get exponential speed-ups in quantum algorithms.

    --
    Snarkiness is inversely proportional to wisdom because it emphasizes feeling right rather than being right.
  44. Re:No by joemck · · Score: 1

    I call shenanigans. No hot girl sends pictures to someone who posts on Slashdot.

  45. Re:Timeless saying applies here... by ae1294 · · Score: 1

    This is a newer ID. I have been on slashdot since '99

    ... yeah ...

  46. Re:Timeless saying applies here... by garyebickford · · Score: 2, Interesting

    It's worth noting that social engineering is quite often the cheapest method. I was at a conference back in 1999, where a Navy guy pointed out that in 'red team' testing, they'd found that the typical Systems Administrator would roll over for an average of $7000. No, I don't know the details of how they conducted the test.

    One could argue (or hope) that _most_ SysAdmins these days are more cognizant of the risks, so probably not as casual as they used to be.

    --
    It's easier to be a result of the past, but more fun to be a cause of the future! http://www.spacefinancegroup.com/
  47. This doesn't rule out other methods by JoshuaZ · · Score: 1

    This doesn't rule out other methods of speeding up using quantum tricks. Also, keep in mind that this may all be for naught since no work of this form can rule out the existence of a fast classical algorithm for handling the problem. Thus, implicitly, all these sorts of results are interesting primarily if one assumes that these sorts of problems don't lie in P. The good news is that the hidden subgroup problem is very likely not in P.

  48. Re:Just ask Herr Jobs by daveime · · Score: 1

    There was an app named iGnore, which was rumoured to hide Apple stories from the Slashdot website.

    Unfortunately, anyone who used it only saw a blank screen and assumed it was broken.

  49. Re:Its callled a "one-time" page by Sir_Lewk · · Score: 1

    Regardless of whether or not his method is "good enough" (it probably is), it's not a OTP unless it uses actually random pads. By definition. If it's using a PRNG instead of a RNG, it is called a stream cipher.

    'One time pad' is a term of art. In technical discussions about cryptography it should only be used where technically correct.

    --
    "linux is just DOS with a UNIX like syntax" -- Galactic Dominator (944134)
  50. Let's just back up a moment. by fyngyrz · · Score: 2, Interesting

    A good encryption should not be "solvable" - it must be brute forced.

    How do you brute force (or solve) a one-time pad, where the pad was created from random atmospheric noise or any other truly random source?

    [...]

    ...that's what I thought. You can (a) beat the message out of the sender or receiver, (b) sweet-talk the message out of the sender or receiver, or (c) steal the pad ahead of time (proper use of OTPs requires they be destroyed when used.) But you can't brute-force it or solve it. It's unbreakable. Properly implemented, you can't even determine the symbol size. And it's *easy* to implement; any PDA or phone has the horsepower to encode using OTPs to any size message these days, and what's more, to stick it nicely inside a JPG or PNG or MPEG or something as a LS-bitstream and fire it off, at the same time destroying the source OTP and *any* hope an interceptor has of breaking it.

    The only downside (and it's really not much of a downside) of OTP technique is that you need the pads before you need the message. However, I actually can't think of a situation where that would seriously inconvenience modern users of the technique.

    Oh, and how do you unbreakably update OTPs in the field? Easy: You encrypt them with the last/reserved OTP the other end has. Cyclic encryption of truly random numbers? Incomprehensible. It's just another 100% opaque data stream. Done deal.

    --
    I've fallen off your lawn, and I can't get up.
    1. Re:Let's just back up a moment. by EsbenMoseHansen · · Score: 1

      One-time passwords are a variation of the pre-shared key methods, where the sender and receiver have agreed on a set of keys on some presumed secure channel. Used as a method of identification, this method is exactly as secure as the pad (and its copies) are. However, the system does not have the advantages of asymmetric encryption, in that whoever has the other copy of the preshared key (the bank, e.g.) can impersonate you, while with asymmetric keys nobody can impersonate you (provided the channel where the public key is distributed is secured, like in the OTP example).

      --
      Religion is regarded by the common people as true, by the wise as false, and by rulers as useful.
    2. Re:Let's just back up a moment. by Notch · · Score: 1

      Your post was great up until the final paragraph where you suggest reusing one time pads. That will not work. Rot 13, for example, is a reused one time pad of size 1.

    3. Re:Let's just back up a moment. by mr_mischief · · Score: 1

      I missed the part about reusing pads, even after rereading. "You encrypt them with the last/reserved OTP the other end has." is mistaken in the idea that you can use a bitstring longer than the pad itself. It's not really a suggestion to reuse a pad that's already been used, though. It's a suggestion that the new pad be encrypted with the last pad bits not used from the old pad source.

      One could chain-block a partial pad out to cover a larger cleartext, but then you're not really utilizing a full one-time pad.

    4. Re:Let's just back up a moment. by Notch · · Score: 1

      Still, it would be possible to end each message with a textual representation on how to generate the next pad. "Generate the next 1000 byte pad from the GPS coordinates of the next 100 earthquakes, as reported by site.org.example.net" Or even easier, "hey, drive over here and pick up a HD full of the next 2 tb of OTP"

    5. Re:Let's just back up a moment. by fyngyrz · · Score: 1

      That's not updating. instead of my original OTP, I now have a new OTP of exactly the same length.

      Yes, exactly. So... in what sense is this not an updated OTP? Are you saying that because it is limited to the length of the reserved original OTP (which I absolutely agree with, btw) that it's not new? It'll be different, will it not? And it is every bit as secure as the original reserve, is it not? And it serves as yet another completely incomprehensible stream of X to burn useless cycles on decrypt attempts, does it not? Maybe you're using "updated" in a way I don't understand, or as a synonym for "OTP of equal length", which is not something I meant to imply.

      --
      I've fallen off your lawn, and I can't get up.
    6. Re:Let's just back up a moment. by fyngyrz · · Score: 1

      I think you failed to comprehend what the original poster said, actually. I wasn't attacking him, I was just pointing out that a good encryption - in this case OTP encryptions - don't respond to brute force. At all. There's no amount of force that is sufficient or appropriate. Nor are they solvable. They are not only "good encryptions", they are *awesome* encryptions.

      But thanks for playing: HDCUTWSVZPXYAZZC.

      Let me know when you brute force that. :)

      --
      I've fallen off your lawn, and I can't get up.
    7. Re:Let's just back up a moment. by fyngyrz · · Score: 1

      Impersonation is an entirely different problem, and it may or may not be an advantage: for instance, when the endpoints are (or must be) trusted, it's irrelevant. And I should point out that if the endpoints aren't trusted, you shouldn't be talking to them at all.

      --
      I've fallen off your lawn, and I can't get up.
    8. Re:Let's just back up a moment. by fyngyrz · · Score: 1

      is mistaken in the idea that you can use a bitstring longer than the pad itself

      I didn't mean to suggest that. I can see how it could be read that way, "cyclic" was poor wording on my part (I meant new random against old random, not reusing a short pad against a long message), I'm entirely on board with the updated OTP having to be the same (or lesser) length than the reserved OTP. Otherwise the repeated presence of the short OTP provides an analytical hook.

      --
      I've fallen off your lawn, and I can't get up.
    9. Re:Let's just back up a moment. by Unequivocal · · Score: 1

      Huh? If the new OTP is the same length as the reserved elements of the old OTP, why not just use the old OTP? I'm not following along.

      I had always thought that you could not update "keys" for new OTP's via already exchanged OTP's b/c of this problem about length (you need an existing OTP of the same length as the new OTP you wish to transfer). You always have to exchange keys out-of-band (physically or whatever).

      Let me know if this is not correct please.

    10. Re:Let's just back up a moment. by fyngyrz · · Score: 1

      If the new OTP is the same length as the reserved elements of the old OTP, why not just use the old OTP?

      Each exchanged OTP introduces another incomprehensible message to the channel which, for almost no effort on your part, can consume opposition decryption resources (to no effect) as it is not distinguishable from a real message, while it also buries actual messages in between. Confusion to the enemy is rarely a bad way to go. It's trite, but it is none the less true.

      --
      I've fallen off your lawn, and I can't get up.
    11. Re:Let's just back up a moment. by EsbenMoseHansen · · Score: 1

      There are lots of endpoints where I need to identify myself, but which I don't necessarily trust. Slashdot is one example. My bank is another, the people administering this country's registry of citizens a third. This is done by different means today (preshared passwordhash, certificate+password and OTP respectively), but practically asymmetric id+encryption would be able to solve this annoying problem once and for all. Only, it isn't happening.

      --
      Religion is regarded by the common people as true, by the wise as false, and by rulers as useful.
    12. Re:Let's just back up a moment. by fyngyrz · · Score: 1

      This still rests on the assumption that the opposition can't distinguish the new pad from a real message.

      The only way to break a message - or a pad - encrypted with a OTP, is to have the OTP that was used to encrypt it. And the opposition doesn't have that. Nor is that pad re-used. So no one is going to be breaking the new pad that is in transit. It doesn't even *matter* if they know it's a pad (by length, for instance, if you're really naive about your messaging), because *they can't know what's in it*. Consequently there are no chinks, other than the usual endpoint compromises - steal the pad, or get the message from the principals (beat it out of them or sweet-talk it out of them.) You simply can't break OTP messages if the encode/decode OTP is used properly and the OTP is truly random, as of course it must be. There are no exceptions.

      --
      I've fallen off your lawn, and I can't get up.
    13. Re:Let's just back up a moment. by fyngyrz · · Score: 1

      Read the thread, please. Asked and answered.

      --
      I've fallen off your lawn, and I can't get up.
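The pad bookkeeping argued over in this subthread (an in-band pad update is limited to the length of the reserved pad, and a pad byte must never be used twice), as an added Python example that is not part of any comment. The `PadLedger` class, the function names and the sample messages are constructed for illustration.

```python
import secrets


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


class PadExhausted(Exception):
    """Raised instead of silently cycling back over used pad bytes."""


class PadLedger:
    """One endpoint's pad store: every pad byte is handed out exactly once."""

    def __init__(self, pad: bytes):
        self._pad = bytearray(pad)
        self._offset = 0  # everything before this index is spent

    @property
    def remaining(self) -> int:
        return len(self._pad) - self._offset

    def take(self, n: int) -> bytes:
        if n > self.remaining:
            raise PadExhausted(f"need {n} pad bytes, {self.remaining} left")
        chunk = bytes(self._pad[self._offset:self._offset + n])
        # Destroy the spent bytes so they cannot be used a second time.
        self._pad[self._offset:self._offset + n] = bytes(n)
        self._offset += n
        return chunk

    def append(self, fresh: bytes) -> None:
        self._pad.extend(fresh)

    def encrypt(self, message: bytes) -> bytes:
        return xor(message, self.take(len(message)))

    decrypt = encrypt  # XOR with the same pad bytes undoes itself


def refresh_in_band(sender: PadLedger, receiver: PadLedger, n: int) -> int:
    """Ship n fresh pad bytes under n reserved pad bytes.

    Returns the net change in the sender's usable pad. It is always 0:
    each new byte costs one old byte, so the channel's total message
    budget never grows beyond what was exchanged out of band.
    """
    before = sender.remaining
    fresh = secrets.token_bytes(n)
    wire = sender.encrypt(fresh)       # spends n reserved bytes
    received = receiver.decrypt(wire)  # receiver spends the same n bytes
    sender.append(fresh)
    receiver.append(received)
    return sender.remaining - before


def reuse_leak(p1: bytes, p2: bytes) -> bool:
    """Show why the ledger refuses reuse: with one pad under two messages,
    the pad cancels and c1 XOR c2 equals p1 XOR p2, with no pad needed."""
    pad = secrets.token_bytes(len(p1))
    c1, c2 = xor(p1, pad), xor(p2, pad)
    return xor(c1, c2) == xor(p1, p2)


if __name__ == "__main__":
    shared = secrets.token_bytes(64)  # constructed stand-in for a pad exchanged out of band
    alice, bob = PadLedger(shared), PadLedger(shared)
    print("net pad gained by in-band refresh:", refresh_in_band(alice, bob, 32))
    ct = alice.encrypt(b"meet at the dock")
    print("round trip:", bob.decrypt(ct))
    print("reused pad cancels out:", reuse_leak(b"meet at the dock", b"wire 100 to Bob!"))
```
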
  51. Re:Timeless saying applies here... by MareLooke · · Score: 1

    There still being a flower means there will be no seeds (yet) though.

  52. Quantum computers? by Yvanhoe · · Score: 1

    I thought it had been proven that quantum computation was a pipe dream (you can't physically compute 2^N operations with less than 2^N atoms). Is the hypothesis still considered plausible ?

    --
    The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
  53. Re:Timeless saying applies here... by Grygus · · Score: 1

    It's worth noting that social engineering is quite often the cheapest method. I was at a conference back in 1999, where a Navy guy pointed out that in 'red team' testing, they'd found that the typical Systems Administrator would roll over for an average of $7000. No, I don't know the details of how they conducted the test.

    One could argue (or hope) that _most_ SysAdmins these days are more cognizant of the risks, so probably not as casual as they used to be.

    Not disputing your point, but regarding the seemingly low number: the job market may have had an effect, too; 1999 was a very good time to be in IT. Quitting one job and picking up a couple months' salary in cash probably looked a lot better than it would for most people now.

  54. Re:Timeless saying applies here... by garyebickford · · Score: 1

    A fair point, but I would say that the number is at least one, maybe two orders of magnitude too low. $7000 is pocket change, probably less than the red team paid to fly there (wherever 'there' was). It says that a sysadmin would sell out what must be viewed as a multimillion dollar asset (not to mention their self-respect) for pennies on the dollar. To me it means that the sysadmins had no respect for their jobs, their profession, their responsibilities. If you're going to be a sleazebag crook, at least do it for what it's worth. If you steal a Mercedes you don't sell it for $100.

    --
    It's easier to be a result of the past, but more fun to be a cause of the future! http://www.spacefinancegroup.com/
  55. Re:Timeless saying applies here... by JSlope · · Score: 1

    Although I'm working with cryptography, I must admit there are a lot of technical ways to circumvent it, the cryptography will only help to raise the cost of those technical ways. And to be really secure, you must have special computers in special rooms in addition to using cryptography.

    --
    ResoMail - the alternative secure e-mail system
  56. Re:Timeless saying applies here... by Thanshin · · Score: 1

    How does that apply to this article, in any way?

    I don't think you'd be surprised by how many upmods you could get by replying with an old saying to just about any topic.

    You can even pick one at random, post it in the next news item without even reading it and you'll have big chances of at least a +1 (insightful) among all the offtopics.

  57. Re:Timeless saying applies here... by garyebickford · · Score: 1

    Back in the day (1980) where I worked we were trying to get some computer graphics terminals 'TEMPEST' certified. For those not familiar, this was a standard for minimal leakage of EMI, such that folks outside the building could pick up the noise and figure out what you were typing on your keyboard, or what direction and speed the plotter pen was moving, or even (I suppose) the memory addresses put on the bus - and certainly the large EMI coming off the high voltage guns for the display tubes, which could tell you what was on the screen.

    The interesting thing was that the standard was classified. We would send our equipment for testing, and they would send it back and say only 'nope, not yet' - no clue to how it failed. We would then have to try to figure out what to do to improve it.

    It was totally understandable - knowing the standard would provide information on how to defeat it. But it was a very puzzling way to work.

    Interestingly, I see that according to the Wikipedia article TEMPEST is still valid terminology, and the standards are still mostly classified.

    --
    It's easier to be a result of the past, but more fun to be a cause of the future! http://www.spacefinancegroup.com/
  58. Re:Timeless saying applies here... by ichthus · · Score: 1

    Still a young'n. Heh, n00b!

    --
    sig: sauer
  59. Re:Timeless saying applies here... by teridon · · Score: 1

    I guess you think "2ndcoming" is nothing like "W8"

    --
    I hold it, that a little rebellion, now and then, is a good thing. -- Thomas Jefferson
  60. Re:Timeless saying applies here... by Jack9 · · Score: 1

    > How does that apply to this article, in any way?

    I don't think you'd be surprised by how many upmods you could get by replying with an old saying to just about any topic.

    Now that makes sense.

    --

    Often wrong but never in doubt.
    I am Jack9.
    Everyone knows me.
  61. Re:Timeless saying applies here... by TemporalBeing · · Score: 1

    A fair point, but I would say that the number is at least one, maybe two orders of magnitude too low. $7000 is pocket change, probably less than the red team paid to fly there (wherever 'there' was). It says that a sysadmin would sell out what must be viewed as a multimillion dollar asset (not to mention their self-respect) for pennies on the dollar. To me it means that the sysadmins had no respect for their jobs, their profession, their responsibilities. If you're going to be a sleazebag crook, at least do it for what it's worth. If you steal a Mercedes you don't sell it for $100.

    Or that those sys-admins feel like Peter Gibbons in office-space so they see it as an opportunity to cash in.

    Just saying...and there are a lot of thieves that would sell the Mercedes for $100 if it means easy out of the situation.

    --
    Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)