[VOIPSEC] FWD - Hotel and Wfi Insecurity, including SIP

Michael Shields shieldszero at aol.com
Mon Nov 21 14:33:56 CST 2005


On 21 Nov 2005, at 14:07, Philip Walenta wrote:

> I just read a fiction book written by Dan Brown (author of the Da Vinci
> Code).  It was named "Digital Fortress" where the central premise is that
> the NSA has a 3000 CPU system that can break any encryption in like 6
> minutes, and then a guy comes up with some sort of encryption with a
> mutating key which fouls the whole thing up.  Given that I'm not a
> cryptographer, I don't know if this is even close to possible, but I would
> surmise that a mutating key could possibly be the only possibility at a
> truly uncrackable scheme.

"Digital Fortress" is a work of pure fiction.  In reality:

* A provably unbreakable encryption mechanism is already known, the  
"one-time pad".  Its disadvantage is that the key must be as long as  
the plaintext; i.e., if you want to transmit a megabyte of data, you  
must previously have securely agreed on a one-megabyte key.  Finding  
a secure out-of-band channel to exchange keys in advance is quite  
difficult logistically.

* Short keys, like those used in DES (56 bits), can be and have been
exhaustively searched.  It is not and never will be possible to
brute-force a 256-bit key because of the physical limits set by the laws of
thermodynamics.

* Encryption systems with keys shorter than the plaintext (e.g., AES  
or RSA) are believed to be secure, but are not proved to be so.   
Attacks on them do not come from exhaustive search of the keyspace,  
but from clever mathematical attacks that allow you to search a  
subset of the keyspace.

Schneier's "Applied Cryptography" is the standard book if you are  
interested in reading more about these subjects.
-- 
Michael Shields
Sr. Systems Programmer
AOL Network Security
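
The one-time pad point in the message above, as an added Python example (not part of the original post): it enforces the key-as-long-as-plaintext rule, shows that for any ciphertext a pad exists that "decrypts" it to any other message of the same length, so trying every key tells an attacker nothing, and shows what leaks if a pad is reused. The sample messages and function names are constructed for illustration.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings; a one-time pad requires equal lengths."""
    if len(a) != len(b):
        raise ValueError("one-time pad key must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_keygen(length: int) -> bytes:
    """Draw a fresh pad from the OS CSPRNG. A pad is used once, then destroyed."""
    return secrets.token_bytes(length)


def otp_encrypt(key: bytes, plaintext: bytes) -> bytes:
    return xor_bytes(key, plaintext)


def otp_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    return xor_bytes(key, ciphertext)


def key_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `candidate`.

    Such a pad exists for every candidate of the right length, which is why
    exhaustive key search cannot single out the real plaintext.
    """
    return xor_bytes(ciphertext, candidate)


def reuse_leak(ct1: bytes, ct2: bytes) -> bytes:
    """If one pad encrypted both messages, the pad cancels out:
    ct1 XOR ct2 == pt1 XOR pt2, so plaintext structure is exposed."""
    return xor_bytes(ct1, ct2)


if __name__ == "__main__":
    real = b"MEET AT NOON"    # constructed sample plaintext
    decoy = b"STAY AT HOME"   # constructed, same length as `real`
    pad = otp_keygen(len(real))
    ct = otp_encrypt(pad, real)
    print("ciphertext       :", ct.hex())
    print("with real pad    :", otp_decrypt(pad, ct))
    print("with another pad :", otp_decrypt(key_explaining(ct, decoy), ct))
    # Misuse: the same pad applied to a second message.
    ct2 = otp_encrypt(pad, decoy)
    print("pad reuse leaks  :", reuse_leak(ct, ct2).hex())
```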




