On 1/17/19 12:33 PM, Carlos E. R. wrote:
On 17/01/2019 20.53, James Knott wrote:
On 01/17/2019 02:48 PM, Lew Wolfgang wrote:
Well, doesn't all security rely on obscurity? The goal should be to increase obscurity as much as possible. Crypto keys can be guessed, if you can throw enough guesses. Actually, no. The method can be open, provided the keys are secret. Given the size of current keys, they'd take a huge amount of guessing. And that's not security through obscurity. That would be using a non-published secret crypto method, and where knowing the method would instantly lead to opening the door. Example: hiding the door latch somewhere, like with with a button press that you can not see with simple eyes.
Huh? Throwing guesses at a public crypto system doesn't require any knowledge of the method. It might take a few billion years, but it's possible to do. You might get lucky at the first guess! Of course, one could put bounds on the guesses if you knew the encryption algorithm, that's what hacker reconnaissance does, like identifying the version number of the sshd server. Regards, Lew -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org