absolutely nothing to panic over

Daniele Nicolodi daniele at grinta.net
Tue Oct 27 11:22:32 CET 2015


On 27/10/15 08:25, listo factor wrote:
> On 10/27/2015 03:55 AM, Robert J. Hansen wrote:
>> You start from tautology and conclude at paradox.  This doesn't appear
>> to be something to be taken seriously.
> 
> Allow me to try again:
> 
> *There is no secure communication over an insecure channel
> without out-of-channel bootstrap*.
> 
> I believe the above can be re-phrased as follows, with no change
> in meaning:
> 
> Cryptography is an art of turning large secrets into small secrets. [1]
> 
> We need a secure channel to transfer small secrets (typically
> the cryptographic device and the key), so that we can communicate
> large secrets over an insecure channel. [2]

If what makes you think that public key cryptography is insecure by
definition is the possibility to circumvent any key exchange protocol
via quantum computation, please note that the same quantum principles
allow for quantum key distribution, which is "quantum secure" key
exchange over an insecure channel.

In general I find broad and overly simplified statements on complex
matter very easy to confute, and I thus believe that they must not be
taken too seriously.

Cheers,
Daniele




More information about the Gnupg-users mailing list