28 comments

[ 0.27 ms ] story [ 67.2 ms ] thread
Nice list! One I’d add: one of my all-time favorite cryptography-related quotes is from Bruce Schneier‘s Applied Cryptography, talking about key length:

> These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space.

Full context: https://www.schneier.com/blog/archives/2009/09/the_doghouse_...

That argument only applies to irreversible computation. The errata for Applied Cryptography corrects this:

> The section on "Thermodynamic Limitations" is not quite correct. It requires kT energy to set or clear a single bit because these are irreversible operations. However, complementing a bit is reversible and hence has no minimum required energy. It turns out that it is theoretically possible to do any computation in a reversible manner except for copying out the answer. At this theoretical level, energy requirements for exhaustive cryptanalysis are therefore linear in the key length, not exponential.

Really, you get less bang for your buck than that, for the simple reason that cryptanalysis isn't about brute forcing at all.

If you take some cypher text, and it is surely known to be a non-random value, for example, because you can tie the timing of a given point-to-point message to real world activities, say... insider trading. Well, fundamentally, we then know that the value of the text must be structured data, and not random, but human readable.

That means you can work backwards from the space of structured data, instead of the full scope of random strings, in order to break the keys.

Encryption is not as strong as it's purported to be, even without back doors, or less than random weaknesses built into the numerical roots of the scheme.

To understand what I'm driving at, consider the challeng of an encrypted string consisting of 4 characters:

  $&@%
If we know it's a word, then that limits the attack space to English words.

So, let's say we have another length of text surely containing words, and encrypted with the same key.

Well, now we only need to look at the keys that transform the first string into valid words, and then the intersection of keys that produce words for both strings, after that, it's down to context and deniability. And with that, your brute force space is much smaller, much more manageable.

...or at least, smaller than the premise of thermodynamic laws requiring the utilization of a dyson sphere to break a cypher text.

Can I add mine that still holds true in 2019:

Largest number factorized using quantum computers, if we only count algorithms that can theoretically scale into cryptographic levels, is 21.

Please explain it.
Every day you hear doomsday predictions about end of the crypto as we know it because of the quantum computers. Reality is that largest factored integer using quantum computers to this day is 21. There are some larger numbers around 100k factored but those use algorithms that will never scale into crypto levels.
Do you have an authoritative citation for that? For 2018 rather than 2019 would be fine. I've heard orders-of-magnitude higher claims, but haven't been able to find any report of them.
I belive I said the first quote many times during my college years.
Was surprised not to find "people are a poor source of entropy," on the list. I'm quite sure I didn't coin that, and it's practically an amendment to the Kirchoff priniciples, just don't know who said it.
My two favorites aren't on the list, perhaps because they were never put in these exact words or they are mis-attributed:

"Cryptography is not magic pixie dust that you can sprinkle on a system to make it secure" -Bruce Schneier [? - couldn't find a good source]

"If you think cryptography will solve your problem, either you don't understand cryptography, or you don't understand your problem." -Roger Needham / Peter G. Neumann

I just dug around a bit to find the likely source of the "crypto magic pixie dust" quote, and I think it's Gary McGraw. He uses that phrase a lot, and a search of "crypto fairy dust" in Google Books brings up books by him dating as far back as 1999.
I think this should take the cake: "We kill people based on metadata.", Gen Michael Hayden(Frmr NSA Director).
"There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files."

— Bruce Schneier

I respectfully disagree... <g>

"There are three (3) kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, cryptography that will stop major governments from reading your files, and finally, the strongest cryptography -- cryptography that will stop Bruce Schneier -- from reading your files." <g>

(Bruce Schneier = Cryptography's Chuck Norris...<g>)

((And the third such cryptography, if it exists... will be found to have been created by -- you guessed it -- Bruce Schneier! <g>))

> Security wins many battles but loses the security war. We are definitely going backwards in computer security.

> — Adi Shamir

Source/context for this quote? I do find myself agreeing, but as this seems somewhat more atypical view I'd love to read more about it. Best source I found was this short article about RSA2007 conference, but I couldn't find the referenced panel discussion recorded or transcribed anywhere.

https://www.zdnet.com/article/rsa-2007-keynotes-notable-quot...

Overall I think these sorts of quote collections would be massively more useful if they'd contain verifiable sources.

My favourite quote is from cperciva:

"The purpose of cryptography is to force the US government to torture you."

There are some really good ones I haven't heard before:

>> You voice is always heard - NSA.

That made me chuckle.

Your comment has been read. - NSA and other big brothers :-)