[147095] in cryptography@c2.net mail archive


Re: [Cryptography] Perfection versus Forward Secrecy

daemon@ATHENA.MIT.EDU (Eugen Leitl)
Fri Sep 13 12:37:41 2013

X-Original-To: cryptography@metzdowd.com
Date: Fri, 13 Sep 2013 08:08:38 +0200
From: Eugen Leitl <eugen@leitl.org>
To: cryptography@metzdowd.com
In-Reply-To: <CAHOTMVKFKiR3ryEkObja934xq2MHjSOnxzFp4ra=ts6=GVExgQ@mail.gmail.com>

On Thu, Sep 12, 2013 at 09:33:34AM -0700, Tony Arcieri wrote:

> What's really bothered me about the phrase "perfect forward secrecy" is
> it's being applied to public key algorithms we know will be broken as soon
> as a large quantum computer has been built (in e.g. a decade or two).

I do not think that the spooks are too far away from open research in
QC hardware. It does not seem likely that we'll be getting real QC
any time soon, if ever.

The paranoid nuclear option remains: one time pads. There is obviously
a continuum for XORing with output of very large state PRNGs and
XORing with one time pads. It should be possible to build families
of such which resist reverse-engineering the state. While
juggling around several MByte or GByte "keys" is inconvenient, some
applications are well worth it.

Why e.g. SWIFT is not running on one time pads is beyond me.

> Meanwhile people seem to think that it's some sort of technique that will
> render messages unbreakable forever.
