A new "quantum proof" encryption standard is broken by a low-end PC

The math gets cerebral, and Galbraith suggests if you really want to understand it, you need to study Richelot isogenies and abelian surfaces.
Damn. Another missed opportunity during lockdown.
But we digress

that is one i also missed

i think that tends to be the problem. the entire text of wikipedia is only about 20gb. so you’d need a pretty big pad for modern data

5 Likes

I just assumed, based on the cringe-y nature of so many things crypto, that it was pronounced like the word. Now excuse me while I finish my work on my own crypto standard - Steganographic Combinatorial Authentication Micromatrix, or SCAM for short.

7 Likes

Nah. Humilation is foreign to these particular designers. They’re cats.

11 Likes

This is good. If you are going to avoid a person-in-the-middle attack, you ought to go and meet them anyway. Anything else is not secure.

4 Likes

Nerds are more likely to be into The Three Stooges, so PL would be a likely default. So, amscray!

3 Likes

With all the (well-justified) animosity here toward cryptocurrency, I understand your annoyance. But please do not make the mistake of conflating cryptocurrency with cryptography. The former is a planet-burning ponzi scheme. The latter is a highly technical academic field with a rich history applications to mathematical theory, military intelligence, and international commerce.

The discipline’s academics all hate cryptocurrency just as much as you do, and they’re a victim of this glib verbal conflation, not the perpetrators of it.

14 Likes

Needs to send it in a way that they can prove it wasn’t intercepted. But a true OTP isn’t just uncrackable today, it was proven uncrackable in general by Shannon. The proof is pretty intuitive, too.

3 Likes

Navaho is where it’s at.

5 Likes

Or you encrypt and send the (small) key(s) for another strong cryptosystem using the one-time pad then encrypt the (large) data set with that other system using the encrypted keys.

1 Like

This is the thing- The Vigenère cipher is provably uncrackable, so the hard problem in cryptography changes to that of key distribution.

Of course, that’s why the world tends to use asymmetric key algorithms rather than the technically more secure methods that we know about. The gains from not having to set up a parallel system of key distribution are large enough to offset the increased “crackability” of the cipher.

… and if you can securely hand off the pad text, why not just give them the message instead :thinking:

6 Likes

I always assumed that it was spelled “psych” because you are trying to “psych somebody out.” and that the word has the same root as psychology.

10 Likes

Perhaps they’ll have to go back to the KG-84A, punched paper tape, and private key encryption.

1 Like

i think the problem is you leak information that way. the reason the pad has to be larger is so that the data can’t be determined through things like frequency analysis. ( at simplest like knowing the most common vowel in english is e )

i’d imagine if you have a system that is safe enough to send scrambled keys, you could just use one of the existing public/private key systems as is. no scrambling necessary

they’d all fall to quantum analysis anyway… in theory

3 Likes

Not sure whether this is a joke or not :thinking: But there may be others who are confused, so I will answer anyhow…

If I meet you, I can give you gigabytes of one-time pad numbers, where I have the only other copy. Now you have the key, I can send you securely many drafts of my forthcoming paper “How to break all codes using quantum”, even though I have not written it yet. This is usually a fatal thing to do with crypto, because the messages are big, and one draft probably has a lot in common with the next one. But if I do a really trivial encoding like XOR each character with a byte from the one-time pad, then all an eavesdropper gets is the number of characters.

1 Like

Wait, what? I had always believed the word was “psych” as in “I psyched you out”! In fact I still believe that and maintain that urban dictionary don’t understand the etymology of the phrase.

ETA: yeah, what @simonize said.

10 Likes

Giving one time pads to a few agents, dropping them behind enemy lines and communicating text messages with them back and forth is pretty easy. It’s a bit more difficult if you’re sending rich data like images. But if you picture a fleet of ships (or military units, or a network of agents) You probably want them to be able to communicate with each other. And that requires that every ship have a separate OTP for every other ship. And since you also probably want to be able to send messages to groups of units, you also need OTPs for different combinations of of units. Which quickly becomes prohibitively larger than all the messages sent.

I am reminded of the time that I have spent explaining to pretty smart people that four letter acronyms are terrible search terms when they are also words in English.

2 Likes

Also the weird habit of naming legislation so the initials make an oh so hilarious and vaguely relevant word.

Why?

Syke is a common way to spell the slang term. I agree that ‘psych’ is probably a more accurate way to spell the phrase as derived from ‘psychological’, but slang being slang ‘syke’ isn’t exactly incorrect either. I imagine ‘syke’ came about simply from not knowing how to correctly spell ‘psych’ and just spelling it phonetically.

1 Like