wiretapping voip


MAW1082

Senior member
Jun 17, 2003
510
7
81
Originally posted by: Rainsford
Originally posted by: MAW1082
If you use XOR gates and shift registers it's going to be pretty much impossible to decrypt your data unless 'they' get a hold of your physical encryption/decryption device.

OR you could use a public, open, algorithm that will actually secure your data. Secret algorithms have been pretty much discredited as a means of keeping your data secure. After all, YOUR idea is broken if they get a hold of your encryption device, MY cheapo device using RC4, Diffie-Hellman and RSA is secure no matter how good a look at it they get, because the security is in the key I can just re-make in 2 seconds, not the algorithm I'm locked into.

Edit: By the way, something kind of cool for those of you who fear the government banning encryption literature or some such...those three algorithms I mentioned (and you don't even really need Diffie-Hellman) can be memorized with only a little effort, and can be used to write, from scratch, software that can encrypt data I doubt the NSA could crack. It's really not that hard...


I'm just talking about how pretty much all modern digital encryption is done . . . it's like in textbooks and stuff . . .
 

smack Down

Diamond Member
Sep 10, 2005
4,507
0
0
Originally posted by: Rainsford
Originally posted by: MAW1082
If you use XOR gates and shift registers it's going to be pretty much impossible to decrypt your data unless 'they' get a hold of your physical encryption/decryption device.

OR you could use a public, open, algorithm that will actually secure your data. Secret algorithms have been pretty much discredited as a means of keeping your data secure. After all, YOUR idea is broken if they get a hold of your encryption device, MY cheapo device using RC4, Diffie-Hellman and RSA is secure no matter how good a look at it they get, because the security is in the key I can just re-make in 2 seconds, not the algorithm I'm locked into.

Edit: By the way, something kind of cool for those of you who fear the government banning encryption literature or some such...those three algorithms I mentioned (and you don't even really need Diffie-Hellman) can be memorized with only a little effort, and can be used to write, from scratch, software that can encrypt data I doubt the NSA could crack. It's really not that hard...

That is assuming the standard algorithms haven't been compromised.
 

Meuge

Banned
Nov 27, 2005
2,963
0
0
Originally posted by: smack Down
Originally posted by: Rainsford
Originally posted by: MAW1082
If you use XOR gates and shift registers it's going to be pretty much impossible to decrypt your data unless 'they' get a hold of your physical encryption/decryption device.

OR you could use a public, open, algorithm that will actually secure your data. Secret algorithms have been pretty much discredited as a means of keeping your data secure. After all, YOUR idea is broken if they get a hold of your encryption device, MY cheapo device using RC4, Diffie-Hellman and RSA is secure no matter how good a look at it they get, because the security is in the key I can just re-make in 2 seconds, not the algorithm I'm locked into.

Edit: By the way, something kind of cool for those of you who fear the government banning encryption literature or some such...those three algorithms I mentioned (and you don't even really need Diffie-Hellman) can be memorized with only a little effort, and can be used to write, from scratch, software that can encrypt data I doubt the NSA could crack. It's really not that hard...

That is assuming the standard algorithms haven't been compromised.
Just like 100 programmers working for a recording company will never be able to outthink 100,000 people who are quite qualified and trying to break whatever new DRM those 100 thought up... that is the same way I know that Diffie-Hellman hasn't been broken - there are simply so many MORE people out there who are interested in ensuring that the algorithms remain secure.
 

Rainsford

Lifer
Apr 25, 2001
17,515
0
0
Originally posted by: smack Down
Originally posted by: Rainsford
Originally posted by: MAW1082
If you use XOR gates and shift registers it's going to be pretty much impossible to decrypt your data unless 'they' get a hold of your physical encryption/decryption device.

OR you could use a public, open, algorithm that will actually secure your data. Secret algorithms have been pretty much discredited as a means of keeping your data secure. After all, YOUR idea is broken if they get a hold of your encryption device, MY cheapo device using RC4, Diffie-Hellman and RSA is secure no matter how good a look at it they get, because the security is in the key I can just re-make in 2 seconds, not the algorithm I'm locked into.

Edit: By the way, something kind of cool for those of you who fear the government banning encryption literature or some such...those three algorithms I mentioned (and you don't even really need Diffie-Hellman) can be memorized with only a little effort, and can be used to write, from scratch, software that can encrypt data I doubt the NSA could crack. It's really not that hard...

That is assuming the standard algorithms haven't been compromised.

That's why open design is so important: you can never prove that an algorithm is secure, but if thousands of professional crypto people have looked at it for years, the chances of there being a secret compromise that only the government knows about are fairly small.
 

Rainsford

Lifer
Apr 25, 2001
17,515
0
0
Originally posted by: MAW1082
Originally posted by: Rainsford
Originally posted by: MAW1082
If you use XOR gates and shift registers it's going to be pretty much impossible to decrypt your data unless 'they' get a hold of your physical encryption/decryption device.

OR you could use a public, open, algorithm that will actually secure your data. Secret algorithms have been pretty much discredited as a means of keeping your data secure. After all, YOUR idea is broken if they get a hold of your encryption device, MY cheapo device using RC4, Diffie-Hellman and RSA is secure no matter how good a look at it they get, because the security is in the key I can just re-make in 2 seconds, not the algorithm I'm locked into.

Edit: By the way, something kind of cool for those of you who fear the government banning encryption literature or some such...those three algorithms I mentioned (and you don't even really need Diffie-Hellman) can be memorized with only a little effort, and can be used to write, from scratch, software that can encrypt data I doubt the NSA could crack. It's really not that hard...


I'm just talking about how pretty much all modern digital encryption is done . . . it's like in textbooks and stuff . . .

Ah, my mistake, I thought you were talking about doing some proprietary thing...but as I said, with modern digital encryption, getting a hold of your physical encryption device doesn't get you a whole lot. Any decent design will have a key that is not part of the device, either a key you memorize or a physical key that you can take with you.

In any case, shift registers and XOR gates are primary building blocks for a lot of hardware encryption, you are right there, but software typically uses shift-registers less, as more efficient operations can be done in software.
 

Meuge

Banned
Nov 27, 2005
2,963
0
0
Originally posted by: Rainsford
Originally posted by: her209
What's stopping the ISPs from being the man in the middle?

Cryptographic signing?
"Man in the middle" attacks are nearly useless against modern encryption schemes. All they get in the middle is crypto... No plaintext is transmitted.
 

Rainsford

Lifer
Apr 25, 2001
17,515
0
0
Originally posted by: Meuge
Originally posted by: Rainsford
Originally posted by: her209
What's stopping the ISPs from being the man in the middle?

Cryptographic signing?
"Man in the middle" attacks are nearly useless against modern encryption schemes. All they get in the middle is crypto... No plaintext is transmitted.

Not totally true (depending on what you mean by modern encryption). If your crypto system is set up with a shared key from the beginning, you are correct, as there is nothing to get in the middle of but the transmission of ciphertext. However, in most modern encrypted systems, the symmetric key is NOT shared beforehand, so it needs to be set up when the session is initiated. Schemes like Diffie-Hellman are great for this, as they allow key-agreement over insecure channels without a passive eavesdropper getting the key. However, during the key setup, you don't know who you are talking to, meaning that an ACTIVE person listening on the line can perform the key setup with both sides of the connection, in each case pretending to be the other. So if I'm trying to set up a key with you, I really am setting up a key with John Ashcroft, and you think you are setting up a key with me, when you are really setting it up with Mr. Ashcroft as well. I send you a message, Ashcroft can decrypt it, and then re-encrypt it and send it to you. We would have no way of knowing that was going on.

Another method does not actually require that sort of thing at all, and works even with pre-shared keys in many systems that use stream ciphers like RC4. In RC4, pseudo-random numbers are generated and then simply XORed with the plaintext. If I happen to know a piece of the plaintext, and I can interfere with your conversation, I can replace that plaintext with my own plaintext of the same length without having to know the key (thanks to the property of XOR operations). This isn't quite as powerful, but it's still pretty good...

However, any decent modern encryption system will also use some sort of cryptographic authentication during key setup, and signing of the encrypted text as it is transmitted, making MITM attacks fairly useless against WELL DESIGNED systems. But as we all should know by now, there are a lot of poorly designed systems out there.
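The two active attacks in the post above, and the authentication that closes each of them, as a runnable toy model. This is an added example, not code from the thread or from any of the products it mentions; the Diffie-Hellman group (a 31-bit prime), the hash-counter keystream standing in for RC4, the party names and the pre-shared signing key are all constructed for illustration and are nowhere near secure parameters. The `ActiveRelay` plays the "Mr. Ashcroft" position: with plain DH it ends up holding one key with each side; with an HMAC over each public value under a key the relay does not have, the receiving side rejects the substituted value. The second half shows why the "signing of the encrypted text" matters: a stream-cipher ciphertext can be rewritten where the plaintext is known, and an encrypt-then-MAC tag is what makes the receiver notice.

```python
"""Toy models of unauthenticated vs. authenticated DH, and of stream-cipher
malleability vs. encrypt-then-MAC.  Added example with CONSTRUCTED parameters."""
import hashlib
import hmac
import secrets

P = 2_147_483_647   # 2**31 - 1: a constructed toy modulus, far too small for real use
G = 7               # generator for the toy group


def dh_public(private: int) -> int:
    return pow(G, private, P)


def dh_shared(peer_public: int, private: int) -> bytes:
    # Hash the raw DH secret into a fixed-length symmetric key.
    return hashlib.sha256(pow(peer_public, private, P).to_bytes(4, "big")).digest()


def _rand_private() -> int:
    return secrets.randbelow(P - 2) + 1


class PassiveTap:
    """An eavesdropper: sees every public value on the wire, changes nothing."""
    def substitute(self, public_value: int) -> int:
        return public_value


class ActiveRelay:
    """The 'Mr. Ashcroft' position: swaps each side's public value for its own,
    so it ends up with one key shared with Alice and another shared with Bob."""
    def __init__(self) -> None:
        self._m = _rand_private()
        self._M = dh_public(self._m)
        self._captured = []  # public values it intercepted, in order

    def substitute(self, public_value: int) -> int:
        self._captured.append(public_value)
        return self._M

    def keys(self) -> list:
        # One key per side it talked to (Alice's first, then Bob's).
        return [dh_shared(pv, self._m) for pv in self._captured]


def unauthenticated_exchange(channel):
    """Plain DH over `channel`.  Returns (alice_key, bob_key); with an
    ActiveRelay they differ, and the relay can derive both of them."""
    a, b = _rand_private(), _rand_private()
    a_seen_by_bob = channel.substitute(dh_public(a))    # Alice -> Bob
    b_seen_by_alice = channel.substitute(dh_public(b))  # Bob -> Alice
    return dh_shared(b_seen_by_alice, a), dh_shared(a_seen_by_bob, b)


def _auth_tag(signing_key: bytes, role: bytes, public_value: int) -> bytes:
    return hmac.new(signing_key, role + public_value.to_bytes(4, "big"), "sha256").digest()


def authenticated_exchange(channel, signing_key: bytes):
    """DH where each public value travels with an HMAC under a pre-shared
    signing key.  A relay that swaps the value cannot produce a matching tag,
    so the receiver aborts and the function returns None."""
    a, b = _rand_private(), _rand_private()
    A, B = dh_public(a), dh_public(b)
    tag_a, tag_b = _auth_tag(signing_key, b"alice", A), _auth_tag(signing_key, b"bob", B)
    a_recv = channel.substitute(A)  # the tag is computed by Alice; the relay can't redo it
    if not hmac.compare_digest(tag_a, _auth_tag(signing_key, b"alice", a_recv)):
        return None  # Bob aborts: what arrived is not what Alice authenticated
    b_recv = channel.substitute(B)
    if not hmac.compare_digest(tag_b, _auth_tag(signing_key, b"bob", b_recv)):
        return None  # Alice aborts
    return dh_shared(b_recv, a), dh_shared(a_recv, b)


# --- stream-cipher malleability and the MAC that closes it -------------------

def keystream(key: bytes, length: int) -> bytes:
    """Hash-counter keystream standing in for RC4's output (constructed)."""
    out = b""
    for counter in range((length + 31) // 32):
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
    return out[:length]


def xor_bytes(x: bytes, y: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(x, y))


def rewrite_known_segment(ciphertext: bytes, offset: int, known: bytes, replacement: bytes) -> bytes:
    """The malleability the post describes: if `known` sits at `offset`, XORing
    (known ^ replacement) into the ciphertext swaps it without the key.  Included
    so that open_sealed() below has a concrete tampered message to reject."""
    assert len(known) == len(replacement)
    out = bytearray(ciphertext)
    for i, diff in enumerate(xor_bytes(known, replacement)):
        out[offset + i] ^= diff
    return bytes(out)


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the ciphertext, so any flipped bit fails."""
    ct = xor_bytes(plaintext, keystream(enc_key, len(plaintext)))
    return ct + hmac.new(mac_key, ct, "sha256").digest()


def open_sealed(enc_key: bytes, mac_key: bytes, sealed: bytes):
    """Verify the tag before releasing any plaintext; None means tampering."""
    ct, tag = sealed[:-32], sealed[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, "sha256").digest()):
        return None
    return xor_bytes(ct, keystream(enc_key, len(ct)))
```

The design point is the one the post makes: confidentiality alone (a keystream, or DH against a passive tap) says nothing about who is on the other end or whether bits changed in flight. Both checks above fail closed, returning None before any key is used or any plaintext is released, which is the behaviour to look for in a real protocol implementation.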
 

Meuge

Banned
Nov 27, 2005
2,963
0
0
Originally posted by: Rainsford
Originally posted by: Meuge
Originally posted by: Rainsford
Originally posted by: her209
What's stopping the ISPs from being the man in the middle?

Cryptographic signing?
"Man in the middle" attacks are nearly useless against modern encryption schemes. All they get in the middle is crypto... No plaintext is transmitted.

Not totally true (depending on what you mean by modern encryption). If your crypto system is set up with a shared key from the beginning, you are correct, as there is nothing to get in the middle of but the transmission of ciphertext. However, in most modern encrypted systems, the symmetric key is NOT shared beforehand, so it needs to be set up when the session is initiated. Schemes like Diffie-Hellman are great for this, as they allow key-agreement over insecure channels without a passive eavesdropper getting the key. However, during the key setup, you don't know who you are talking to, meaning that an ACTIVE person listening on the line can perform the key setup with both sides of the connection, in each case pretending to be the other. So if I'm trying to set up a key with you, I really am setting up a key with John Ashcroft, and you think you are setting up a key with me, when you are really setting it up with Mr. Ashcroft as well. I send you a message, Ashcroft can decrypt it, and then re-encrypt it and send it to you. We would have no way of knowing that was going on.

Another method does not actually require that sort of thing at all, and works even with pre-shared keys in many systems that use stream ciphers like RC4. In RC4, pseudo-random numbers are generated and then simply XORed with the plaintext. If I happen to know a piece of the plaintext, and I can interfere with your conversation, I can replace that plaintext with my own plaintext of the same length without having to know the key (thanks to the property of XOR operations). This isn't quite as powerful, but it's still pretty good...

However, any decent modern encryption system will also use some sort of cryptographic authentication during key setup, and signing of the encrypted text as it is transmitted, making MITM attacks fairly useless against WELL DESIGNED systems. But as we all should know by now, there are a lot of poorly designed systems out there.
You're right. I am assuming that the signing keys have been pre-shared. I do not deal with many encryption schemes on a day-to-day basis, and the ones I use (PGP and NSS) are very reliable in the type of implementation I use.
 

Rainsford

Lifer
Apr 25, 2001
17,515
0
0
Originally posted by: Meuge
Originally posted by: Rainsford
Originally posted by: Meuge
Originally posted by: Rainsford
Originally posted by: her209
What's stopping the ISPs from being the man in the middle?

Cryptographic signing?
"Man in the middle" attacks are nearly useless against modern encryption schemes. All they get in the middle is crypto... No plaintext is transmitted.

Not totally true (depending on what you mean by modern encryption). If your crypto system is set up with a shared key from the beginning, you are correct, as there is nothing to get in the middle of but the transmission of ciphertext. However, in most modern encrypted systems, the symmetric key is NOT shared beforehand, so it needs to be set up when the session is initiated. Schemes like Diffie-Hellman are great for this, as they allow key-agreement over insecure channels without a passive eavesdropper getting the key. However, during the key setup, you don't know who you are talking to, meaning that an ACTIVE person listening on the line can perform the key setup with both sides of the connection, in each case pretending to be the other. So if I'm trying to set up a key with you, I really am setting up a key with John Ashcroft, and you think you are setting up a key with me, when you are really setting it up with Mr. Ashcroft as well. I send you a message, Ashcroft can decrypt it, and then re-encrypt it and send it to you. We would have no way of knowing that was going on.

Another method does not actually require that sort of thing at all, and works even with pre-shared keys in many systems that use stream ciphers like RC4. In RC4, pseudo-random numbers are generated and then simply XORed with the plaintext. If I happen to know a piece of the plaintext, and I can interfere with your conversation, I can replace that plaintext with my own plaintext of the same length without having to know the key (thanks to the property of XOR operations). This isn't quite as powerful, but it's still pretty good...

However, any decent modern encryption system will also use some sort of cryptographic authentication during key setup, and signing of the encrypted text as it is transmitted, making MITM attacks fairly useless against WELL DESIGNED systems. But as we all should know by now, there are a lot of poorly designed systems out there.
You're right. I am assuming that the signing keys have been pre-shared. I do not deal with many encryption schemes on a day-to-day basis, and the ones I use (PGP and NSS) are very reliable in the type of implementation I use.

You know what technical details I'M interested in? All that nonsense Dave was spouting earlier. I mean, it sounds so interesting, but after I asked him to explain what he was talking about...he just up and vanished. Smells like a conspiracy theory to me ;)