Mathematician warns NSA may be weakening next-gen encryption::Quantum computers may soon be able to crack encryption methods in use today, so plans are already under way to replace them with new, secure algorithms. Now it seems the US National Security Agency may be undermining that process

    • SkyeStarfall@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      17
      ·
      1 year ago

      I think you vastly underestimate modern encryption. I would recommend looking up concepts and math from encryption, it makes more sense for why thinking that practically unbreakable encryption is very much possible once you do.

      It’s why governments want to implement back-doors, because they are not actually capable of breaking it more directly.

        • SkyeStarfall@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          17
          ·
          1 year ago

          …it’s literally about accusing NSA of trying to implement back-doors for quantum resistant encryption.

          I have no idea what you’re trying to get at.

          • Flying Squid@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            7
            ·
            edit-2
            1 year ago

            NIST is giving incorrect information. That will not enable back doors. And it is only a matter of time before that doesn’t matter. I have no idea why you think there is such a thing as an unbreakable code that is not a one-time use code.

            Edit: ACCUSED of giving incorrect information.

            • FooBarrington@lemmy.world
              link
              fedilink
              English
              arrow-up
              14
              ·
              1 year ago

              I have no idea why you think there is such a thing as an unbreakable code that is not a one-time use code.

              I have no idea why you think there isn’t. Maybe you’re going off a strange definition of “unbreakable”. When it’s used in cryptography, it means “unbreakable in reasonable time limits” (e.g. millions of years).

              The thing about good encryption is that it’s not just hard to break, it’s mathematically too hard to break even if your available computing power keeps rising exponentially. Unless there is a mistake in the algorithm, it is for all intents and purposes, unbreakable.

            • frezik@midwest.social
              link
              fedilink
              English
              arrow-up
              6
              ·
              edit-2
              1 year ago

              There are theoretical limits to the speed of computation. One limit is the minimum amount of energy it takes to flip a bit. For 256-bit encryption, you have to start saying things like “assume we can convert 100% of the energy from a supernova into a theoretically perfect computer with perfect efficiency”. This is a round about way of saying “impossible”.

              We’ve been hammering AES and RSA for decades now, and we haven’t been able to get significantly better than brute force against either one. Quantum computers will break RSA (if they can be made with enough qbits, but might be infeasible), but worst case scenario for AES is that we double the key length and we’re good again.

    • Case@lemmynsfw.com
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      1 year ago

      As my grandfather was wont to say, locks are for honest people.

      Most forms of security are theater and used as a deterrent.

      If your door is locked, and your neighbors isn’t, well your lock deterred them.

      Then again, if someone means you in particular harm, they’ll get in, bricks are cheap and most home windows are focused on limiting thermal transfer, not being overly durable (say under an attack). It may not be quiet, you may be able to defend yourself or run or whatever, but the lock was not a deterrent.

      So yes, lock your doors, encrypt everything you can, keep devices updated, etc. But it won’t stop a determined bad actor if they have reasonable capabilities to do you harm.

      The problem with security, especially cyber security, is that you have to find a medium between secure and usable. Most companies, in my experience, tend to loosen security in the name of usability.

      I’m not an expert, but I’m studying in that direction with my limited free time (and more to the point, energy and mental health)

        • havokdj@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          I hate the term social engineering. The only reason that social engineering is an issue is because security has gotten so good, that now people are the low hanging fruit.