With Quantum Key Exchange (like somebody correctly called quantum Encryption) you have an unbreakable way, not vulnerable to MITM attacks, to send a random stream of bits, i.e. the key.
Then, you use One Time Pad (OTP) cryptography, which is well-known as unbreakable, once you have sent the key: you xor the key with the message, and send it... since you xor the plaintext with random data, you get random data. If (for instance) plaintext is all '0' or all '1', i.e. no entropy at all, you get the key or its complement.
Now, what can be analyzed in a max-entropy stream?
I'd think that if you discover that P=NP, you'd also see that actually the Polinomial algorithm can be slower than the Exponential one for the same problem...
The fact that in real life P is better than NP is just an accident... When the order of the P algorithm will become 1000, we'll lose. And if P=NP, that will probably happen.
I'm not talking abstractly, for a long time this was the situation for Linear Programming...
The Simplex algorithm (an Exp. one) was faster than the existing Polinomial Algorithm in the average case...
Actually a Polinomial algorithm faster than the Simplex Alg. has been discovered, after some years... though I think it was too complex and so, often, the Simplex is preferred.
Yes, that *is* stupidity, which must not be premiated.
But the simple problem is that those people should not have been admitted to a college... How did they pass the admission exams / high school and so on?
The problem is there - previous school thought them to plagiarize, apparently. And the proper solution stands in previous school.
This applies to any situation where the class does not fulfills the prerequisites - and goes together with them selecting the wrong course (a too hard one).
As one UML developer, I feel the need to correct you.
You put things from farthest to nearest to the kernel level. But you don't realize the security order is mostly the same.
For 1) you're correct.
For 2), you aren't. One unprivileged user which is inside UML has not user access to the host. It would need to first exploit UML to get that access...
What you say can be true for root only: root can write kernel modules to do anything it wants on the host... but you fix this easily by running it chroot. Obviously there are bugs, then.
Also, performance-wise,
3) I might believe that Xen can, given its more intrusive design, achieve better performance than UML (though the benchmarks about UML they publish are with a old version - some big performance improvements have been done since).
About security, the guest kernel is also running at ring 1, which is, strictly speaking, a more privileged execution. And it interacts with the host (ring0) kernel with a low-level API. The same way the Linux API is exploitable at times, the low-level API used by Xen is possibly exploitable at times.
Claiming that one software is bugfree is nonsense (or marketing).
It may be harder to exploit because this API is probably simpler, I guess... but they are probably exaggerating on this. Correct me if you know something more specific about Xen.
4) Agreed that VServer is the fastest.
Being more secure of all is nonsense, instead. You must go fixing all syscalls to check that they are working in the right way, i.e. not operating on another Virtual Server outside or on the host.
Also, it provides the least insulation: for instance, I think it will never be possible to have different module sets in different VMs. And it was difficult, last time I did a look, to even limit the physical RAM or the CPU time assigned to a VM.
With UML, you just use nice and renice for that. Don't know with Xen.
Slashdot Mirror
The problem is that the more you increase the key size, the more your conventional computer gets slower, too.
But quantum computers are not at all faster computer - they scale better for some kind of computation.
For breaking a key of N bits, your computer needs about time 2^N, while a quantum computer needs time B.
With Quantum Key Exchange (like somebody correctly called quantum Encryption) you have an unbreakable way, not vulnerable to MITM attacks, to send a random stream of bits, i.e. the key.
Then, you use One Time Pad (OTP) cryptography, which is well-known as unbreakable, once you have sent the key: you xor the key with the message, and send it... since you xor the plaintext with random data, you get random data. If (for instance) plaintext is all '0' or all '1', i.e. no entropy at all, you get the key or its complement.
Now, what can be analyzed in a max-entropy stream?
I'd think that if you discover that P=NP, you'd also see that actually the Polinomial algorithm can be slower than the Exponential one for the same problem...
The fact that in real life P is better than NP is just an accident... When the order of the P algorithm will become 1000, we'll lose. And if P=NP, that will probably happen.
I'm not talking abstractly, for a long time this was the situation for Linear Programming...
The Simplex algorithm (an Exp. one) was faster than the existing Polinomial Algorithm in the average case...
Actually a Polinomial algorithm faster than the Simplex Alg. has been discovered, after some years... though I think it was too complex and so, often, the Simplex is preferred.
Yes, that *is* stupidity, which must not be premiated.
But the simple problem is that those people should not have been admitted to a college... How did they pass the admission exams / high school and so on?
The problem is there - previous school thought them to plagiarize, apparently. And the proper solution stands in previous school.
This applies to any situation where the class does not fulfills the prerequisites - and goes together with them selecting the wrong course (a too hard one).
As one UML developer, I feel the need to correct you. You put things from farthest to nearest to the kernel level. But you don't realize the security order is mostly the same. For 1) you're correct. For 2), you aren't. One unprivileged user which is inside UML has not user access to the host. It would need to first exploit UML to get that access... What you say can be true for root only: root can write kernel modules to do anything it wants on the host... but you fix this easily by running it chroot. Obviously there are bugs, then. Also, performance-wise, 3) I might believe that Xen can, given its more intrusive design, achieve better performance than UML (though the benchmarks about UML they publish are with a old version - some big performance improvements have been done since). About security, the guest kernel is also running at ring 1, which is, strictly speaking, a more privileged execution. And it interacts with the host (ring0) kernel with a low-level API. The same way the Linux API is exploitable at times, the low-level API used by Xen is possibly exploitable at times. Claiming that one software is bugfree is nonsense (or marketing). It may be harder to exploit because this API is probably simpler, I guess... but they are probably exaggerating on this. Correct me if you know something more specific about Xen. 4) Agreed that VServer is the fastest. Being more secure of all is nonsense, instead. You must go fixing all syscalls to check that they are working in the right way, i.e. not operating on another Virtual Server outside or on the host. Also, it provides the least insulation: for instance, I think it will never be possible to have different module sets in different VMs. And it was difficult, last time I did a look, to even limit the physical RAM or the CPU time assigned to a VM. With UML, you just use nice and renice for that. Don't know with Xen.