8 Replies - 8290 Views - Last Post: 23 August 2013 - 09:24 PM

#1 jon.kiparsky  Icon User is online

  • Pancakes!
  • member icon


Reputation: 7743
  • View blog
  • Posts: 13,082
  • Joined: 19-March 11

RSA on a death watch

Post icon  Posted 06 August 2013 - 06:55 PM

A friend of mine forwarded this to me. The short version: security researchers are putting the end of RSA and Diffie-Hellman as a viable encryption scheme in the next five years. Get ready for elliptical curves. Great chaos portends.

http://www.technolog...ecurity-crisis/

Is This A Good Question/Topic? 2
  • +

Replies To: RSA on a death watch

#2 macosxnerd101  Icon User is online

  • Self-Trained Economist
  • member icon




Reputation: 10562
  • View blog
  • Posts: 39,086
  • Joined: 27-December 08

Re: RSA on a death watch

Posted 14 August 2013 - 06:50 PM

I just came across this or I would have responded earlier. Let me be the first to jump in joy! A big reason for the adoption of the RSA standard is because they opened it up. Elliptic Curve Cryptosystems are patented, and the patent holders choose to enforce it. Glad to see things are finally changing though!
Was This Post Helpful? 0
  • +
  • -

#3 jon.kiparsky  Icon User is online

  • Pancakes!
  • member icon


Reputation: 7743
  • View blog
  • Posts: 13,082
  • Joined: 19-March 11

Re: RSA on a death watch

Posted 14 August 2013 - 09:45 PM

Looks to me like this might be a bit of a problem, actually.

Quote

Implementations of ECC were pioneered and patented by a company called Certicom that is now a subsidiary of the phone manufacturer BlackBerry. Although the U.S. government has purchased licenses that allow the use of ECC by itself and its contractors, other companies that want to use ECC will need to make expensive deals with Certicom to avoid lawsuits. In 2007 Certicom sued Sony for using ECC in software for BlueRay DVDs without licensing its patents. Sony initially attempted to have some patents invalidated in court, before settling out of court in 2009.


While people might be "calling on BlackBerry to change its policy", I don't think that's all too likely, since it would be more or less corporate suicide (raise your hand if you think BlackBerry is being held up by anything other than its stock of patents... thought not...)

This post has been edited by jon.kiparsky: 14 August 2013 - 09:48 PM

Was This Post Helpful? 0
  • +
  • -

#4 ishkabible  Icon User is offline

  • spelling expret
  • member icon




Reputation: 1622
  • View blog
  • Posts: 5,709
  • Joined: 03-August 09

Re: RSA on a death watch

Posted 18 August 2013 - 10:48 AM

I had my money on RSA being beaten by quantum computing not some newfangled non-quantum algorithm out of a math department!
Was This Post Helpful? 0
  • +
  • -

#5 jon.kiparsky  Icon User is online

  • Pancakes!
  • member icon


Reputation: 7743
  • View blog
  • Posts: 13,082
  • Joined: 19-March 11

Re: RSA on a death watch

Posted 18 August 2013 - 02:43 PM

Yeah, me too. And now I'm thinking I have to re-evaluate the current threat models. People often say it's safe to assume the NSA is about five years ahead of the state of the art....
Was This Post Helpful? 0
  • +
  • -

#6 Vodkacannon  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 67
  • Joined: 07-November 11

Re: RSA on a death watch

Posted 23 August 2013 - 09:02 PM

Will quantum computing be a double edged sword when it comes to encryption? If an encryption can be created it could be broken just as fast with a quantum computer and someone with bad intentions.
Was This Post Helpful? 0
  • +
  • -

#7 jon.kiparsky  Icon User is online

  • Pancakes!
  • member icon


Reputation: 7743
  • View blog
  • Posts: 13,082
  • Joined: 19-March 11

Re: RSA on a death watch

Posted 23 August 2013 - 09:08 PM

Right now the most common conception is that QC will help the Eves and not the Alices and the Bobs. This is because there are algorithms that seem to make factoring much faster if you have a quantum computer, and if you can factor a huge number into two large primes, then you've completely broken the most standard encryption model in use today. QC doesn't provide us with any obvious compensating advantages for Alice and Bob, however, so it looks like QC means The End Of Secrecy And the Doom of E-Commerce and The Coming Of The Open Society (unless there are other modes of encrpytion that don't rely on difficulty of factoring to their secrecy, which there are).

So no, it's pretty much a single-edged sword, held by the evesdroppers.

This post has been edited by jon.kiparsky: 23 August 2013 - 09:09 PM

Was This Post Helpful? 1
  • +
  • -

#8 Vodkacannon  Icon User is offline

  • D.I.C Head

Reputation: 0
  • View blog
  • Posts: 67
  • Joined: 07-November 11

Re: RSA on a death watch

Posted 23 August 2013 - 09:22 PM

At least we get to simulate universes =)
Was This Post Helpful? 0
  • +
  • -

#9 jon.kiparsky  Icon User is online

  • Pancakes!
  • member icon


Reputation: 7743
  • View blog
  • Posts: 13,082
  • Joined: 19-March 11

Re: RSA on a death watch

Posted 23 August 2013 - 09:24 PM

We can do that now. QC will let us simulate bigger ones, though.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1