There is an aphorism in the field of Cryptography: Any cryptographic system formally proven to be secure… isn’t.
This seems backwards to me. If you prove a cryptographic protocol works, using some assumptions, then the only way it can fail is if the assumptions fail. It’s not that a system using RSA is 100% secure, someone could peek in your window and see the messages after decryption. But it’s sure more secure than some random nonsense code with no proofs about it, like people “encoding” data into base 16.
A formal proof of safety, under some assumptions, gives some evidence of safety in a world where those assumptions might or might not hold. Checking whether the assumptions are actually true in reality is a difficult and important skill.
Did you notice that there are currently super-intelligent beings living on Earth, ones that are smarter than any human who has ever lived and who have the ability to destroy the entire planet? They have names like Google, Facebook, the US Military, the People’s Liberation Army, Bitcoin and Ethereum.
Nope. Big organizations are big. They aren’t superintelligent. There are plenty of cases of huge organizations of people making utterly stupid decisions.
This seems backwards to me. If you prove a cryptographic protocol works, using some assumptions, then the only way it can fail is if the assumptions fail. It’s not that a system using RSA is 100% secure, someone could peek in your window and see the messages after decryption. But it’s sure more secure than some random nonsense code with no proofs about it, like people “encoding” data into base 16.
The context isn’t “system with formal proof” vs “system I just thought of 10 seconds ago” but “system with formal proof” vs “system without formal proof but extensively tested by cryptographers in real-world settings”. Think One-Time-Pad vs AES. In theory One-Time-Pad is perfectly information-theoretically secure, but in practice AES is much better.
Obviously “system with formal proof and extensively tested/demonstrated to work in real world settings” would be even better. And if anyone ever proves P=NP, AES will presumably enter this category.
“system with formal proof” vs “system without formal proof but extensively tested by cryptographers in real-world settings”
Well, this is saying formal proof is bad because testing is better. I think in this situation it depends on exactly what was proved, and how extensive the testing is.
One-time pads always work, so long as no one else knows the key. This is the best you can ask for from any symmetric encryption. The only advantage AES gives you is a key that is smaller than the message. (Which is more helpful for saving bandwidth than for security.) If you were sending out a drone, you could give it a hard drive full of random nonsense, keeping a similar hard drive in your base, and encrypt everything with a one-time pad. Ideally the drone should delete the one-time pad as it uses it. But if you want to send more than a hard drive full of data, suddenly you can’t without breaking all the security. AES can use a small key to send lots of data.
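The pad handling described in the comment above (consume and delete the pad as it is used, and never send more than the pad covers), sketched as an added example that is not part of the original thread. The `OneTimePad` class, the 24-byte pad and the sample messages are constructed for illustration.

```python
import secrets


class PadExhausted(Exception):
    """Raised when a message needs more pad bytes than remain unused."""


class OneTimePad:
    """Hypothetical helper: a pad that is consumed and zeroed as it is used."""

    def __init__(self, pad: bytes):
        self._pad = bytearray(pad)
        self._pos = 0

    def remaining(self) -> int:
        return len(self._pad) - self._pos

    def xor(self, data: bytes) -> bytes:
        """Encrypt or decrypt by XOR with the next unused pad bytes."""
        if len(data) > self.remaining():
            # Wrapping around would reuse key material, so fail closed.
            raise PadExhausted("refusing to reuse pad bytes")
        start, end = self._pos, self._pos + len(data)
        out = bytes(d ^ k for d, k in zip(data, self._pad[start:end]))
        # Zero this copy's used bytes; a real device would also wipe storage.
        self._pad[start:end] = bytes(len(data))
        self._pos = end
        return out


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def demo():
    pad = secrets.token_bytes(24)                    # constructed sample pad
    drone, base = OneTimePad(pad), OneTimePad(pad)   # one copy on each side
    m1, m2 = b"battery at 41 pct", b"returning to base"  # constructed messages
    roundtrip = base.xor(drone.xor(m1)) == m1
    try:
        drone.xor(m2)        # 17 bytes needed, only 7 pad bytes left
        refused = False
    except PadExhausted:
        refused = True
    # Why reuse is refused: two ciphertexts under the same pad bytes XOR to
    # the XOR of the plaintexts, so the pad cancels out for an eavesdropper.
    c1, c2 = xor_bytes(m1, pad), xor_bytes(m2, pad)
    leaks = xor_bytes(c1, c2) == xor_bytes(m1, m2)
    return roundtrip, refused, leaks
```
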