On 06/03/2014 12:04 AM, Dirk Gently wrote:
In truth, ALL information security is security by obscurity.
The whole point of 1024-bit passwords is that they are, by definition, more obscure than, say, 8-bit passwords. You can find an 8-bit password in less than a minute.... these days, probably less than a second.
Car locks, likewise, are security by obscurity -- which of the hundreds of different key-profiles (hills and valleys) will set the pins in the correct position for the tumbler to turn?
That's not my understanding of security by obscurity. It means trying to hide something in something else. For example, some people think just using a different port number provides security.
When I was a student at the U.S. Army Signal School, one thing stuck with me in a block on using cryptographic methods: ALL code-systems can be broken, given enough traffic to eavesdrop on, and enough time to decode them. The goal, then, is to NOT use "an unbreakable code" because no such thing exists. The point is to use a code system which is sufficiently difficult to break, such that the encrypted information will no longer be useful by the time the opposing forces decrypt it. Do not use a code which is good for 24 hours (when used to encrypt small pieces of numerical data) to encrypt a long message which must remain secret for a year or more. Likewise, do not use a method which will provide security for decades to encrypt information which is of value for only a couple of hours (such as the map coordinates of where vehicles should meet for distribution of the next meal and beverages).
One thing public key encryption uses is a new key for every encryption, with only the public private key remaining the same. They are used to protect the random number key that actually encrypts the data, so that it's similar to using a one time pad, which is unbreakable.