The NSA's $2 Billion New Utah Snooping Warehouse > Wasting more $$$

reply to PToN

Re: Wasting more $$$

From the sounds of it, I don't think you've ever studied this in a classroom, you're just regurgitating incomplete ideas that you read without understanding. First you said that current ciphers are mathematically proven to be secure, now you're saying, "Just because we don't have a formal proof..." You can't have it both ways. Again, the only current cipher that's provably secure is the one time pad.

Once again, the idea that P=NP is so universally rejected that I can only assume your trying to troll or are very ignorant and simply don't read the literature.

Also on a very related topic, you blissfully unaware that every piece of modern literature suggest with almost certainty that there is no pattern to the larger prime numbers.

That doesn't bode well for P = NP does it?

Lastly, I can forgive not knowing my dated term "short cipher" since beyond a few old books I have I bet its NEVER used since it can be confused with a literal short cipher.

Now, who was the one talking out of their ass again?

I take back the part about you talking out of your ass, I think you do know what you're talking about but we're just talking past each other.

No, I don't think that P=NP (though some respected computer scientists, like Richard Lipton, do). I was using it as an example of why current ciphers are not provably secure. In math, provable has a very precise meaning. If there is no formal proof, then it's not proven. Again, I'm not trying to patronize you since I'm guessing you understand this and were just using a more colloquial definition for the word proof, but that definition should never be combined with the word "mathematical" since now you're in real proof territory.

I'm also far from convinced that RSA is actually 100% secure, even in practice (I'm mentioning RSA since we're talking about factoring, even though the article is about AES). This is for much more pedestrian reasons than the tiny possibility that P=NP. For one, once a quantum computer with enough qubits is built, RSA will have been broken. Another reason is that RSA depends on the trapdoor one-way function assumption (that functions exist which are easy to calculate but hard to invert, unless a piece of information called a trapdoor is known). Russel Impagliazzo breaks out the possibilities nicely in his "Five Worlds" paper.

Again, from a practical point of view - whether dealing with asymmetric ciphers like RSA or symmetric ciphers like AES - I would not advise encrypting something with the expectation that it stay unbreakable forever. This is precisely because these ciphers are not provably secure and we have no idea what new mathematical techniques could be invented (or already exist without our knowledge) to break them.