Conversation
LisPi (lispi314@udongein.xyz)'s status on Monday, 12-Feb-2024 12:18:34 JST LisPi
@kkarhan @lanodan @icedquinn @dushman @a1ba @mel @argv_minus_one Personally I think it's ecologically inexcusable.
The devices should simply have been encrypted from the start, but certainly not destroyed while still usable.
iced depresso (icedquinn@blob.cat)'s status on Monday, 12-Feb-2024 13:14:35 JST iced depresso
@lispi314 @dushman @kkarhan @argv_minus_one @mel @lanodan @a1ba Last I ever read the papers, all of the post-quantum crypto was still in draft/unstable form. That was back when I coded BLAKE2 in Nim and was still reading papers.
argv minus one (argv_minus_one@mstdn.party)'s status on Monday, 12-Feb-2024 13:14:36 JST argv minus one
There was a time when all non-OTP encryption had a limited shelf life, and was to be treated as nothing more than a temporary stopgap against eavesdroppers until they obtain computers fast enough to break it.
I wonder if that's still valid, or if Moore's law is now sufficiently dead that it's no longer a concern. Will Moore's law be revived by a breakthrough in optical computing or something?
LisPi (lispi314@udongein.xyz)'s status on Monday, 12-Feb-2024 13:14:36 JST LisPi
@argv_minus_one @a1ba @lanodan @mel @kkarhan @dushman @icedquinn Practical quantum computing would break a lot of things that haven't switched to post-quantum cryptography.
But I expect flaws in implementations are more the matter as far as the rest goes.
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Monday, 12-Feb-2024 13:18:10 JST Haelwenn /элвэн/ :triskell:
@argv_minus_one @lispi314 @icedquinn @dushman @kkarhan @mel @a1ba Any real cryptography (a one-time pad is a pipe dream, not a design, because it doesn't hold up to reality) has a limited shelf life; that's why the best option is still to transmit the least amount of data.
But rolling to another algorithm is quite easy; the only issue I could see is if you had a hard dependency on fast cryptography and thus on hardware.
🇺🇦 haxadecimal (brouhaha@mastodon.social)'s status on Monday, 12-Feb-2024 13:38:31 JST 🇺🇦 haxadecimal
@argv_minus_one @lispi314 @icedquinn@blob.cat @dushman @kkarhan @mel @lanodan @a1ba
AES is vulnerable to quantum attack. Grover's Algorithm will work on it. This means that you will need double the key length in a post-quantum world. If you consider a 128-bit key satisfactory against non-quantum attack, you'll need to go to 256. 192 to 384, 256 to 512, etc.
argv minus one (argv_minus_one@mstdn.party)'s status on Monday, 12-Feb-2024 13:38:32 JST argv minus one
As far as I know, AES isn't vulnerable to quantum computers.
Ignas Kiela (ignaloidas@not.acu.lt)'s status on Tuesday, 13-Feb-2024 00:38:00 JST Ignas Kiela
@argv_minus_one@mstdn.party @lispi314@udongein.xyz @icedquinn@blob.cat @dushman@den.raccoon.quest @kkarhan@infosec.space @mel@poofy.hair @lanodan@queer.hacktivis.me @a1ba@suya.place Assuming the algorithms themselves don't get broken (a somewhat viable assumption for symmetric crypto), 256 bits basically ensures that it isn't possible to break in our universe with traditional computing or quantum computing. AES has been analyzed for over 20 years now, and the best known attack (that would apply to the disk-encryption scenario: a disk with encrypted data but no key material) reduces it to essentially 254 bits, which is still basically unbreakable. How long that will last is a question, but the track record has been pretty damn good so far.
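The thread's two quantitative claims (haxadecimal: Grover's algorithm means you need to double symmetric key lengths; Ignas: 256-bit keys stay out of reach even for a quantum adversary) come from the same fact, that Grover finds one of N candidates with about (pi/4)*sqrt(N) oracle queries instead of the roughly N/2 trial decryptions a classical brute force needs on average. The following is an added example, not code from any poster in the thread: an exact state-vector simulation of Grover's key search against a hypothetical toy cipher (`toy_encrypt`, a keyed XOR plus rotation, standing in for AES only so the oracle is cheap to evaluate). The key, plaintext and key sizes are constructed inputs. Run it and you see an 8-bit key recovered with 12 oracle calls where classical search would average 128, which is exactly the square-root speedup that halves the effective key length.

```python
"""Grover key search on a toy cipher (added example; not from the thread).

Demonstrates why Grover's algorithm halves the effective security of a
symmetric key: an n-bit key is found with ~(pi/4) * 2^(n/2) oracle queries
instead of ~2^(n-1) trial decryptions on average. The simulation is exact
for small n; no quantum hardware or third-party library is needed.
"""
import math


def toy_encrypt(key: int, plaintext: int, n_bits: int) -> int:
    """Hypothetical n-bit toy block cipher: XOR with the key, then rotate left by 1.

    It is NOT secure; it only needs to be a bijection in the key for a fixed
    plaintext so that exactly one key maps plaintext -> ciphertext.
    """
    mask = (1 << n_bits) - 1
    x = (plaintext ^ key) & mask
    return ((x << 1) | (x >> (n_bits - 1))) & mask


def grover_iterations(n_bits: int) -> int:
    """Optimal iteration count for a single marked item in N = 2^n_bits: floor(pi/4 * sqrt(N))."""
    return int(math.floor(math.pi / 4 * math.sqrt(2 ** n_bits)))


def classical_average_trials(n_bits: int) -> int:
    """Expected trial decryptions for classical exhaustive key search (half the key space)."""
    return 2 ** (n_bits - 1)


def grover_effective_bits(key_bits: int) -> float:
    """Grover's cost is ~2^(key_bits/2) queries, so the security level in bits is halved."""
    return key_bits / 2


def grover_key_search(n_bits: int, plaintext: int, ciphertext: int):
    """Recover the key that maps plaintext -> ciphertext under toy_encrypt.

    Returns (most_likely_key, its_probability, oracle_calls). The oracle is
    the known-plaintext check an attacker would run against AES; the
    diffusion step is the reflection about the mean amplitude.
    """
    n = 1 << n_bits
    amp = [1.0 / math.sqrt(n)] * n          # uniform superposition over all keys
    iterations = grover_iterations(n_bits)
    for _ in range(iterations):
        # Oracle: flip the phase of every key consistent with the known pair.
        for key in range(n):
            if toy_encrypt(key, plaintext, n_bits) == ciphertext:
                amp[key] = -amp[key]
        # Diffusion: a_i -> 2*mean - a_i, which amplifies the marked key.
        mean = sum(amp) / n
        amp = [2 * mean - a for a in amp]
    probs = [a * a for a in amp]
    best = max(range(n), key=probs.__getitem__)
    return best, probs[best], iterations


def main() -> None:
    n_bits, secret_key, plaintext = 8, 0xA5, 0x3C   # constructed inputs
    ciphertext = toy_encrypt(secret_key, plaintext, n_bits)
    found, prob, calls = grover_key_search(n_bits, plaintext, ciphertext)
    print(f"recovered key 0x{found:02X} (true 0x{secret_key:02X}) "
          f"with probability {prob:.5f} after {calls} oracle calls; "
          f"classical search averages {classical_average_trials(n_bits)} trials")
    for key_bits in (128, 192, 256):
        print(f"AES-{key_bits}: ~{grover_effective_bits(key_bits):.0f}-bit security against Grover")


if __name__ == "__main__":
    main()
```

The success probability after k iterations is sin^2((2k+1)*asin(1/sqrt(N))), so for N = 256 and k = 12 the correct key is measured with probability above 0.9999. Scaling the same query count to AES gives the numbers in the thread: AES-128 drops to roughly 2^64 Grover queries, while AES-256 still needs about 2^128, which is why 256-bit keys are treated as quantum-safe for the key-recovery threat (the 254-bit biclique figure Ignas mentions is a separate, classical result and does not change that picture).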