Dan Brown - Digital Fortress book

Robert J. Hansen rjh at sixdemonbag.org
Thu Jan 15 19:57:17 CET 2009


vedaal at hush.com wrote:
> "assuming a brute force attack is feasible in real time, how could
> one design a cipher that is invulnerable to brute force attack
> (other than an OTP )?"

You don't.

> (1) [as explained in the Digital Fortress book] what if the
> decryption program didn't know when it had successfully decrypted ...

From a computational theory perspective, this means putting decryption
into PSPACE.  Once you leave NP behind you, your next stop is the
one-time pad.

> (a) change the ciphertext, and let the brute force machine merrily 
> try to crack the wrong ciphertext

Delivering a false message to your enemies is a classic tactic in the
history of communications security.  In recent history, that's how we
knew to intercept the Japanese fleet at Midway Island.  Going back to
classical history, it's one of the ways Belisarius kept the Germanic
tribes divided, facilitating his successes during the reign of Justinian.

> anyway, for me, the book presented interesting crypto concepts that
> would be fascinating if explored ...

To the extent people are inspired by it to think critically about
crypto, I'm glad.  But I cannot recommend it be read as an exposure to
concepts in crypto.  _Cryptonomicon_ (and Jon Evans' _The Blood Price_,
which I should've listed on my recommended books before) are much better
for that.
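
Added illustration, not part of the original message: question (1) turns on the test a brute-force search uses to recognize a correct decryption. The sketch below uses a toy repeating-key XOR cipher (an assumption chosen for brevity; all names and sample messages are constructed) to show that the test singles out one key when the key is short, but accepts a decoy just as readily when the key is as long as the message, as with a one-time pad.

```python
from itertools import product

ALLOWED = frozenset(b"abcdefghijklmnopqrstuvwxyz ")  # attacker's idea of "readable"

def xor(data: bytes, key: bytes) -> bytes:
    """XOR data with key, repeating the key when it is shorter than data."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def looks_like_plaintext(candidate: bytes) -> bool:
    """Success test used by the search: lowercase letters and spaces only."""
    return all(b in ALLOWED for b in candidate)

def brute_force(ciphertext: bytes, key_len: int) -> list[bytes]:
    """Try every key of key_len bytes; keep those whose output passes the test."""
    return [bytes(k) for k in product(range(256), repeat=key_len)
            if looks_like_plaintext(xor(ciphertext, bytes(k)))]

def key_explaining(ciphertext: bytes, claimed: bytes) -> bytes:
    """For a pad as long as the message, the key that 'decrypts' to claimed."""
    assert len(claimed) == len(ciphertext)
    return xor(ciphertext, claimed)

# Constructed sample data, not taken from the thread.
MESSAGE = b"the meeting is moved to friday"
DECOY = b"the meeting is moved to monday"
SHORT_KEY = bytes([0x5A, 0xC3])
PAD = bytes((37 * i + 11) % 256 for i in range(len(MESSAGE)))  # stand-in for random

if __name__ == "__main__":
    # Short key: the success test leaves exactly one candidate.
    print(brute_force(xor(MESSAGE, SHORT_KEY), 2))
    # Pad-length key: a key exists for any readable text of the same length,
    # so passing the test says nothing about which message was sent.
    ct = xor(MESSAGE, PAD)
    k = key_explaining(ct, DECOY)
    print(xor(ct, k), looks_like_plaintext(xor(ct, k)))
```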




