[cryptography] Well, that's depressing. Now what?
groo at old-ones.com
Tue Jan 31 13:51:32 EST 2012
Mmm, mail misfire. Apologies. I'd say "I'm better than that", but apparently, I'm not.
On Jan 31, 2012, at 1:50 PM, Bill Squier wrote:
> On 01/31/2012 05:21 AM, ianG wrote:
>> major software product that still calls self-signed certificates
>> "snake-oil" certificates. Which is upside down, the use of the term
>> itself can be snake-oil recursively.
> That would make it 'Ouroboris oil'.
>> Yes, easy. QKD requires hardware. A laser+receiver at each end fiber in
>> the middle. Software techniques don't impose any hardware costs.
>> QKD is only ever point to point. It can never be end to end. We now have
>> a 1.5 decade experiment that tells us that point to point security is
>> pretty much ... cosmetic for serious purposes.
> Now, now. Weren't you just sticking up for self-signed certs?
> Different applications have different needs. For the foreseeable future, QKD requires dedicated hardware at each end of an unboosted fiber circuit. This is OK! Every system has known limitations.
>> It's like this: in principle, it is possible to imagine a "perfect" link
>> between those two boxes. But, those two boxes aren't customer
>> applications. Pretty much all customer applications are more complex
>> than two end-points and a piece of string between.
> There are some fixed point-to-point connections of bicycle distance in the world needing security from fiber-splicing attackers who control the physical key distribution and might also (can't say for sure) secretly have better mathematicians than the rest of the world.
> You know what QKD would have been great for? West Berlin.
> With the short block lengths in use back then it probably would make sense to re-key every minute.
> - Marsh
> cryptography mailing list
> cryptography at randombit.net
More information about the cryptography