data under one key, was Re: analysis and implementation of LRW

Allen netsecurity at sound-by-design.com
Tue Jan 30 14:02:19 EST 2007 


Travis H. wrote:
> On Wed, Jan 24, 2007 at 03:28:50PM -0800, Allen wrote:
>> If 4 gigs is right, would it then be records to look for to break 
>> the code via birthday attacks would be things like seismic data,
> 
> In case anyone else couldn't parse this, he means "the amount of
> encrypted material necessary to break the key would be large" or
> "the size of a lookup table would be large" or something like
> that.

Thanks for attempting to fix my badly worded post. What I think I 
really meant is that the data quantity is so large there would be 
  key re-use, allowing attack that way.

> 
>> Currently I'm dealing 
>> with very large - though not as large as 4 gig - x-ray, MRI, and 
>> similar files that have to be protected for the lifespan of the 
>> person, which could be 70+ years after the medical record is 
>> created. Think of the MRI of a kid to scan for some condition 
>> that may be genetic in origin and has to be monitored and 
>> compared with more recent results their whole life.
> 
> That's longer than computers have been available, and also longer
> than modern cryptography has existed.  The only way I would propose
> to be able to stay secure that long is either:
> 1) use a random key as large as the plaintext (one-time-pad)

I can't imagine any way of managing the number of one-time-pads 
that would be needed for 70+ years of medical records of 6+ 
million patients.

> 2) prevent the ciphertext from leaking
>    (quantum crypto, spread-spectrum communication, steganography)

Alas, still not practical in large real-world scenarios, if I 
understand what I've seen so far. Maybe in 20 years.
> 
> Even then, I doubt Lloyd's would insure it.  Anyone who claims to know
> what the state of the art will be like in 70+ years is a fool.  I
> would be cautious about extrapolating more than five years.

[snip]

I'll skip the rest of your excellent, and thought provoking post 
as it is future and I'm looking at now.

 From what you've written and other material I've read, it is 
clear that even if the horizon isn't as short as five years, it 
is certainly shorter than 70. Given that it appears what has to 
be done is the same as the audio industry has had to do with 30 
year old master tapes when they discovered that the binder that 
held the oxide to the backing was becoming gummy and shedding the 
music as the tape was playing - reconstruct the data and 
re-encode it using more up to date technology.

I guess we will have grunt jobs for a long time to come. :)

Best,

Allen

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list