1. 7
  1.  

  2. 1

    When I think about security, in both the virtual and physical world, it really all just comes down to time. How long can you stall until someone breaks into something? A cheap No. 3 Masterlock with a piece of wire - 3 seconds; A Kryptonite bike lock - 4 minutes with a saw; a heavy 1 ton vault bolted to the ground - a few hours with a drill and other tools. I then thought, what if we got a 3rd party to hide our valuables, somewhere on the earth without our knowledge and then they died? Those valuables are STILL not safe. It’s only a matter of time until someone finds them. Cryptography seems to be the same. It’s only a matter of time until we develop techniques that make breaking through encryptions within a reasonable period.

    So far the only secure place to store information is within your own mind. But even, you may succumb to torture or bribery to pass up that information. The mind itself has one gate keeper and that’s the owner. There are no passwords, there are no identifications.

    When I think about it, we already sort of have this in the virtual world. If you want someone to know something, you can send them a file. In real life, you would speak to this person face to face or give them a document in person.

    AFAIK there is only one unbreakable encryption, and that’s XORPADs. I would opt to use them for sensitive information in combination with modern cryptographic methods to create a very temporary file or something. I also wonder, are there time-sensitive cryptographic techniques? Like a document expires after n seconds, hours, days?

    Just my 2 cents, and probably nothing new.

    1. 3

      AFAIK there is only one unbreakable encryption, and that’s XORPADs. I would opt to use them for sensitive information in combination with modern cryptographic methods to create a very temporary file or something.

      I’ve got two big complaints about this:

      1. There is no meaningful way to combine one-time pads (OTPs, what you probably mean when you say XORPADs) with any other technique without losing all the benefits of the OTP. OTPs are, in many ways, not a form of encryption (the key is not reusable and must be as long as the message); they are better thought of as a form of information splitting (like Shamir secret sharing)

      2. Is encryption still considered breakable if, under the wildest, most optimistic assumptions of computational growth, the chance of breaking it before the sun goes nova is less than the chance of the oceans spontaneously boiling? Because cryptography is making steady progress in that direction?

      I also wonder, are there time-sensitive cryptographic techniques? Like a document expires after n seconds, hours, days?

      Not without quantum computers. Let me elaborate:

      A fundamental property of (classical, as opposed to quantum) digital data is that it can be copied. Normal encryption techniques are about taking the data and transforming it into a form that’s unusable without the right other piece of data. This data is now inert, and can be decrypted whenever anyone wants.

      One attempt to get around this is DRM, but that would be a cop-out answer, since it relies on some external service to grant permission; a safety deposit box at a bank is not a safe.

      Quantum data, on the other hand, cannot generally be copied, and without intervention degrades over time (these are part of the reason building quantum computers is hard).

      1. 1

        If 2 is satisfied, then I would be happy. Otherwise, I would like to see one time use keys or something that prevents the document from being shared more than once…at least the original.

        And yeah, I meant OTP.