[Cryptography] Questions about crypto that lay people want to understand
iang at iang.org
Fri Dec 25 11:45:34 EST 2015
On 19/12/2015 19:22 pm, Henry Baker wrote:
> In gathering material for a crypto talk to
> laypersons, I've been trying to collect a
> number of questions that such laypersons
> would like to know the answers to.
> This talk is about the fundamental ideas
> of crypto, and not addressing details of
> HTTPS, so it's not a grown-up version of
> a "crypto party".
> I have my own ideas for answers to some
> of these questions, but I'd be curious as
> to what others on this list think.
> BTW, some of these questions will stump
> the best experts, but people will ask
> [These questions are in no particular
> * Ordinary citizens lived thousands of
> years in sophisticated societies and
> never needed clever crypto. I don't
> recall any crypto in the Bible, and the
> only discussion of crypto in novels
> seems to occur in the context of war
> or high politics -- e.g., Queen Mary
> of Scots.
> Why now? What is it about modern
> society that seems to require crypto
> for us ordinary citizens?
Governments have been running "steaming" operations against the post
from since the post was invented. They have been running spying
operations against other forms of communications since forever.
Does that effect ordinary citizens? Typically not. The reason this is
so appears to be pure economics: a spying operation is typically very
costly, so a government focuses very drastically on the biggest threats
- other governments.
Now however spying can not only be done at automated cost, it can be
done at mass, across vast numbers of people at the same time. The
economic barrier to mass surveillance is removed.
As spying goes from economically rare to mass surveillance, the question
arises as to whether citizens should care. A lot of literature says
yes. A more directed answer would be, is ones government benign and
just, or is it liable to do dirty things? Each citizen would need to
answer that for herself or himself. But if the answer is the latter,
government with no limits, then crypto may provide some protection.
> * We just had a crypto war in the
> 1990's, and everyone thought the
> problem was solved. Why are we
> having another crypto war 20 years
> later? Is this a generational
> phenomenon? Or is this a periodic
> cicada phenomenon? Will there be
> a quantum crypto war in 2035 ?
The crypto war was lost in the 1990s. In contrast to the popular story,
what happened was that the export restriction for open source software
was removed in USA. But, in exchange, they also doubled down on "filing
with the government" and many other behind the scenes situations. They
traded one fig leaf for another, "regulated behaviour /1st amendment for
Now, we're in to something a bit different. This time, we've discovered
we're under mass surveillance, which we weren't in 1990s. This time,
we're staring at our navels and wondering why all of our efforts to
deploy a lot of protection seem not to be working out (whether it be
crypto or something else).
> * Why the intimate connection
> between crypto and randomness?
> This connection seems very odd,
> since encrypted text must be
> capable of being *decrypted* back
> into plaintext, and therefore
> even seemingly random ciphertext
> must have significant structure.
The difference is that randomness is the test for decryption. It must
be indistinguishable from randomness to the attacker. Of course, we know
it is not random because it derives from a deterministic encryption, but
if it can be shown to be indistinguishable-from-random to the attacker,
that test tells us it's very strong.
> * SW/HW engineers and crypto
> folks both use the word "code" to
> indicate that some additional
> structure has been added to
> ordinary ASCII text in order to
> achieve certain goals -- e.g.,
> error detection, error correction,
> confidentiality, integrity. Are
> these uses of "code" indicative
> of any deeper relationship between
> the different fields?
In cryptography, a code is a number with a meaning. E.g., 345=ship. In
this sense, an error correcting code is not quite a code, it's more of a
digest, but common computer science doesn't necessarily follow
cryptography all the time.
> * What is the relationship
> between the "key" in my pocket
> and a crypto "key" ?
It's a metaphor, only. As a metaphor, it works until it stops working.
It's maybe more accurate to say that the combination lock's
"combination" is more of a cryptographic key.
> * Crypto techniques seem to
> involve *cycles* -- e.g. modular
> arithmetic, etc. Why do cyclic
> and circular things keep showing
> up in crypto ?
> * (For the physicist/EE.) What
> is the relationship between
> "information" in "information
> theory" and "quantum theory" ?
> Why the complete disconnect
> between the quantum world and
> information theory/crypto ?
One for John Denker :)
> * Why are some things hard to
> compute? Can't we just get
> the cleverest people from MIT,
> Stanford, (insert your favorite
> here) to work on this? If we
> can build an H-bomb, make it
> to the Moon and back, and
> translate languages (thank
> you, Google!), what's the
> matter with you guys?
This is a big-O discussion.
> * If HTTPS is good enough for
> my bank account, how come I
> can't use it to vote? Why
> do I have to vote in person?
1. HTTPS isn't good enough for your bank account, but it would take a
very long and serious investigation to show you why.
2. You can't vote using HTTPS because the problem of voting is to do
with extortion over your person, and crypto hasn't got a good answer to
> * Speaking of banking, will
> digital currency replace
> paper money?
Slowly, over time.
> * What is "strong" crypto?
Nah, it's a marketing thing only. What it "means" is that the crypto
uses stronger keys like 256 bit instead of say 40 bits. But the strength
of the keys is rarely the issue, the dominating factor is the way it
integrates into application and your usage. Weak crypto better deployed
beats strong crypto badly deployed every time (unless you're a spy or
government). Beyond that, the engineering under the hood is far more
important. In a nutshell, it's like comparing engine sizes, it doesn't
really tell you much about how fast the car will go, or even the truck,
but it's a nice number to boast over beers.
> Some products say that they
> use "government quality"
There are various compliance and standards things. Suffice to say, that
isn't necessarily going to result in better protection, but it might
result in "engineering to a certain standard" whatever that means.
> Will I be twice as
> safe with 2048-bit keys as
> with 1024-bit keys?
Nope. Yous keys will be an extra 2^1024 bits harder to crack, but that
doesn't mean you'll be safer because the weak links are all elsewhere in
typical systems. 2048 is the current recommended length, but bear in
mind that although we've recommended 2048, it is one of 10000 details
which we have no recommendations over.... "Trust us, we're doctors"
More information about the cryptography