|
Posted by Harlan Messinger on 12/18/07 16:12
Andy Dingley wrote:
> On 13 Dec, 18:54, Harlan Messinger <hmessinger.removet...@comcast.net>
> wrote:
>> Andy Dingley wrote:
>>> On 13 Dec, 17:21, Harlan Messinger <hmessinger.removet...@comcast.net>
>>> wrote:
>>>> Public key encryption is nothing more than security by extreme
>>>> obfuscation.
>>> Only if you stretch the terms beyond the breaking point of their usual
>>> meanings.
>> The word "extreme" already means "at or beyond the limits". How can
>> "extreme" be stretched beyond that meaning?
>
> I don't object to "extreme", so much as it's use to qualify
> "obfuscation".
>
> You appear to be using obfuscation to imply "camouflage" (potentially
> discoverable, with effort) and qualifying it with "extreme" makes it
> hard to find fault with the statement.
So your objection is that you wanted to pick apart my statement but I
didn't leave room for you to do so, so you tried to recast my remark in
a manner that would let you pick it apart, and I caught your bluff.
Sorry for the inconvenience.
> PK (for practical algorithms,
> such as factorising the products of long primes) is of course merely
> obfuscation because we know exactly _how_ to break it, it's just that
> we cannot do this (for any practical or anticipated approach).
>
> Yet the phrase "extreme obfuscation" still embodies the term
> "obfuscation", and the impression that will inevitably generate in the
> mind of the reader is as something that's basically insecure. Weasel
> words, used to create an impression that PK is somehow insecure,
> without going so far as to make a statement that's provably false.
It isn't false, so how could I make it provably false? Don't explain
"falsifiability" to me--I already understand it just fine. There isn't
anything unfalsifiable about what I said. You just want to believe that
PK is inherently secure, and my point was that its security lies
*solely* in the impracticality of testing quadrillions or quintillions
or however many -illions of possible keys would be necessary to hit upon
the one that was used in the encryption. This differs from the case we
were discussing with respect to the OP's situation only in orders of
magnitude, and if ten years from now processors become octillions of
times faster than they are now, PK keys would be broken like *that*.
This isn't news. It's obvious and well-known to everyone in the field.
So as I said, the only difference is the order of magnitude, and, as I
said, PK is an extreme case.
> "When did you stop beating your wife?"
>
> There's also the issue that "obfuscation" in the crypto world is
> generally used to mean a process that's deliberately lossy and thus
> absolutely irreversible (albeit thus no use for encryption), eg.
> displaying only the last 4 or 5 digits of a card number.
Navigation:
[Reply to this message]
|