[cryptography] Well, that's depressing. Now what?

Bill Squier groo at old-ones.com
Tue Jan 31 13:51:32 EST 2012


Mmm, mail misfire.  Apologies.  I'd say "I'm better than that", but apparently, I'm not.

-wps

On Jan 31, 2012, at 1:50 PM, Bill Squier wrote:

> On 01/31/2012 05:21 AM, ianG wrote:
>> 
>> major software product that still calls self-signed certificates
>> "snake-oil" certificates. Which is upside down, the use of the term
>> itself can be snake-oil recursively.
> 
> That would make it 'Ouroboris oil'.
> 
>> Yes, easy. QKD requires hardware. A laser+receiver at each end fiber in
>> the middle. Software techniques don't impose any hardware costs.
>> 
>> QKD is only ever point to point. It can never be end to end. We now have
>> a 1.5 decade experiment that tells us that point to point security is
>> pretty much ... cosmetic for serious purposes.
> 
> Now, now. Weren't you just sticking up for self-signed certs?
> 
> Different applications have different needs. For the foreseeable future, QKD requires dedicated hardware at each end of an unboosted fiber circuit. This is OK! Every system has known limitations.
> 
>> It's like this: in principle, it is possible to imagine a "perfect" link
>> between those two boxes. But, those two boxes aren't customer
>> applications. Pretty much all customer applications are more complex
>> than two end-points and a piece of string between.
> 
> There are some fixed point-to-point connections of bicycle distance in the world needing security from fiber-splicing attackers who control the physical key distribution and might also (can't say for sure) secretly have better mathematicians than the rest of the world.
> 
> You know what QKD would have been great for?  West Berlin.
> 
> With the short block lengths in use back then it probably would make sense to re-key every minute.
> 
> - Marsh
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography




More information about the cryptography mailing list