Bank transfer via quantum crypto
Ivan Krstic
ccikrs1 at cranbrook.edu
Sun May 9 00:16:53 EDT 2004
Apologies for the late response. Finals have a knack for keeping me away
from the keyboard.
Ian Grigg wrote:
> You are looking at QC from a scientific perspective.
> What is happening is not scientific, but business.
[Points 1..7 snipped]
> Hence, quantum cryptogtaphy. Cryptographers and
> engineers will recognise that this is a pure FUD
> play. But, QC is cool, and only cool sells.
See, this is what's scary to me: the cool being what sells is an
indication that PHBs, instead of technically capable people, are making
decisions when it comes to crypto. Maybe this is incredibly obvious to
the veterans in the field, but it's a disillusionment I prefer not to have.
It reminds me of a guy I know who, every time when asked about his
software, would rant off the features and conclude with "It also
features a phase multiplexer." He's never been asked about it. If it
weren't funny, it'd be sad.
> Where we are now is the start of a new hype
> cycle. This is to be expected, as the prior
> hype cycle(s) have passed. PKI has flopped and
> is now known in the customer base (finance
> industry and government) as a disaster. But,
> these same customers are desparate for solutions,
> and as always are vulnerable to a sales pitch.
This is part of my lack of understanding: I find it impossible to
believe that - given a market begging for solutions - no one is offering
high-quality non-QC link encryption boxes. Your points focused on the
existing situation (particularly in the finance industry) which
essentially amounts to "people use insecure private telco lines to feel
secure". The scenario I am missing - and you didn't address - is why
someone with a little time and understanding doesn't throw together a
few chips and offer an out-of-the-box crypto tunnel solution (or, if
there is one, why isn't it catching on?).
What do you really need for a simple point-to-point encryption? Linksys
makes a $70 wifi router that has a 125MHz MIPS processor, 16 MB RAM + 4
MB Flash ROM, two 10/100Mbit ethernet controllers, and runs Linux 2.4.
If someone paid me for a few hours of work, I could probably make a pair
of *those* do secure link encryption. Rijndael isn't computationally
expensive, and putting in a few extra bucks would likely afford you
processing power that could support tank-like (Serpent?) encryption
transparently.
The way I see this is that there are two options: consumers can entrust
the security of their data to physics they don't understand, or
mathematics they don't understand. One of the fundamental differences is
that the former *no one* understands, and its price reflects that. With
the latter, well - quite a few people understand the math behind crypto,
and silicon is cheap these days. So what are people waiting for? Why
doesn't everyone concerned for their link security have a pair of cheap
strong crypto devices at both ends?
Cheers,
Ivan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list