Encrypted data sample

PEChumbley at aol.com PEChumbley at aol.com
Thu Apr 10 14:07:01 EDT 2003 

In a message dated 4/10/2003 10:28:30 AM Central Standard Time, 
JAMES.G.YATES at saic.com writes:


> Unbreakable! Ha, famous last words of an overconfident cryptologist!
> 
> While I agree that a non-repeating key is the strongest form of encryption,
> it is not neccessarily unbreakable, you have to look at how the key was
> generated, are the numbers truly random or not? If you use your computer as
> you have done in the sample code to generate the key then they are not
> random but rather psuedo-random numbers. If that is the case, then the code
> breaker can use knowledge of how the key was generated to help in 
> decrypting
> the data.
> 
> To be more secure, you should use a truly random source of random numbers,
> such as measurements of radioactive decay.

"the code breaker can use knowledge of how the key was generated to help in 
decrypting the data" is not as simple as it sounds.  I can generate a list of 
random numbers by counting freckles on dogs, but unless one has the resources 
of NSA, the knowldge of that really doesn't make the code any more breakable. 
In addition, techniques such as taking two lists of random numbers and 
mulitplying numbers in one by numbers in another to get a third list of 
random numbers helps get around the "pseudo-random" issue.

A truly random source is of course more secure.  For example, NSA uses cosmic 
emissions. However, the important point, is not whether it is unbreakable, 
but rather, whether it is feasible to break it.  For instance, many 
institutions such as banks use Public Key cyphers which *are* breakable in 
theory.  However, the fastest computers in existence would take millions of 
years to determine the underlying key so for all practical purposes, the code 
is unbreakable.  Thus, unless one is using the code for something which will 
attract the attention of the National Security Agency, the pseudo random 
numbers generated by a computer are, for all practical reasons, unbreakable.  
The main point to remember is that any cypher is simply a fence.  The idea is 
to make the fence high enough so that its impractical for others to try to 
climb over it.

Philip Chumbley
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.runrev.com/pipermail/metacard/attachments/20030410/88efb519/attachment.htm

More information about the metacard mailing list