PunkFloyd, King of Bards wrote:
Yodabunny wrote:
No. More secure sure, but there is no such thing as perfect encryption even in this case. You can still brute force this, currently you're looking at millennia of computing time to do it but that changes pretty rapidly at the pace computing power is increasing. Given recent research into quantum computing it may actually be instantaneous in the relatively near future. Relatively being a...relative term of course. 3rd party duplication and verification of transactions with reconciliation of discrepancies properly implemented is the only truly secure option for any digital currency.
The incentive to crack it is just too high for there to not be some form of record to compare against in the event of a discrepancy. Think about what would happen if someone got a hold of all of the equipment and exact materials/know how to create American currency at will. That's what we're talking about here, except now you don't need the materials, the know how is readily available, and there is nobody to tell you you can't or punish you for doing it since it's not regulated by any organization.
Smash is correct about a one-time pad encryption.
Uh... Smash is technically correct, and Yoda's whole "brute force" statement is absolutely wrong, but the result isn't really what Smash is implying either. Yes. Single pad encryption can't be broken. But there are several conditions, and the first of them is a biggie. It's only perfectly secure *if* the key is the same length as what you're encrypting. If it's not, there's a possibility of detecting a repeating pattern. This is problematic if we're dealing with anything other than short text messages since there's no way someone's going to just remember a 50,000 character password. Ergo, the key has to be stored somewhere, almost certainly digitally given the data type we're talking about, which means if you can get to the data in the first place, you can probably get to the key. It's not like there's any value in this scenario to be transmitting the encrypted bitcoins around or anything. You're just storing it somewhere. So there's no real difference between storing it unencrypted on some removable device you have hidden in your mattress and storing it on your computer, and hiding the key on a removable device you have hidden in your mattress. You're fooling yourself if you think it's more secure.
Quote:
If implemented correctly, it's basically encryption with an infinite key length and not subject to brute force attacks. Attack vectors for this are usually through side-channels which moves the discussion from virtual (e.g. computational) to physical (e.g. storage medium). This can be mitigated by using dedicated OTP hardware, people with guns, etc.
Problem is that the use model we're talking about doesn't lend itself to single pad being used properly. I'll point out again that all the side methods you'd use to secure the key could also be used just as effectively to secure an unencrypted file. You gain very close to zero extra security doing this. Single pad encryption is most effective when pointA and pointB have obtained the only two copies of a key previously (and hopefully securely). PointA encrypts using the key and then destroys their copy. The encrypted message is then sent via a presumably insecure method to pointB, where it's decrypted using their copy of the key (which is then destroyed as well).
There is no value to encrypting something at pointA, and then holding onto the key in order to decrypt it at pointA at some point in the future. As I said, you gain zero security doing that because you've kept the key you used to encrypt it. Also, it only makes sense to use this method if you have a secure way of distributing keys, but it's time consuming or cumbersome, and you need a means to communicate quickly and securely via otherwise insecure means. If you had plenty of time to transmit the message, you'd just send it the same way you send the keys, right? So once again, the use model fails.
Quote:
Notwithstanding the above, contemporary cryptography is still viable for the foreseeable future. Contemporary strong asymmetric algorithms such as RSA are not limited to current key lengths, which are usually 1024- or 2048-bit. These are used as a convention only. The premise on which the algorithm works is general and will work with (effectively) arbitrarily large keys. Just change your key size to 1048576-bit.
It's not that simple either, and once again, the means typically used to "hack" encryption really only means longer time, not increased difficulty. It's not useless of course, but it's also incredibly dependent on *what* is being encrypted.
Edited, Apr 4th 2013 2:10pm by gbaji
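Added example, not from the thread or from any of the posters: a short Python sketch of the one-time pad points made above. It shows why "brute force" means nothing against a pad as long as the message (every same-length plaintext has a key that produces the ciphertext), what goes wrong the moment a pad is used twice (the key cancels and a known fragment of one message recovers the other), and what a key shorter than the data actually is once it gets repeated (the same pad used on every block). All function names, messages and keys here are made up for the example.

```python
"""A one-time pad worked through in Python.

Added example, not code from the thread. The messages, keys and
function names are all constructed for illustration.
"""
import os
from itertools import cycle


def otp_xor(data: bytes, key: bytes) -> bytes:
    """Encrypt or decrypt with a one-time pad (XOR is its own inverse).

    The pad must be at least as long as the message; a shorter key is
    not a one-time pad, whatever it gets called.
    """
    if len(key) < len(data):
        raise ValueError("one-time pad key must be at least as long as the message")
    return bytes(d ^ k for d, k in zip(data, key))


def fresh_pad(length: int) -> bytes:
    """A pad of the required length from the OS CSPRNG. Never reuse it."""
    return os.urandom(length)


def key_that_decrypts_to(ciphertext: bytes, candidate: bytes) -> bytes:
    """Why brute force is meaningless: for any candidate plaintext of the
    right length there is a key that turns the ciphertext into it, so the
    ciphertext alone cannot tell an attacker which candidate is real."""
    if len(candidate) != len(ciphertext):
        raise ValueError("candidate must be exactly the ciphertext length")
    return bytes(c ^ p for c, p in zip(ciphertext, candidate))


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """Two ciphertexts under the same pad: c1 XOR c2 == p1 XOR p2.
    The key cancels and the attacker now works on plaintext alone."""
    return bytes(a ^ b for a, b in zip(c1, c2))


def crib_drag(p1_xor_p2: bytes, crib: bytes, offset: int) -> bytes:
    """If `crib` is known (or guessed) to sit at `offset` in one message,
    XORing it into p1 XOR p2 reveals the other message's bytes there."""
    segment = p1_xor_p2[offset:offset + len(crib)]
    return bytes(x ^ c for x, c in zip(segment, crib))


def repeating_key_xor(data: bytes, short_key: bytes) -> bytes:
    """What actually happens when the key is shorter than the data and gets
    repeated: every block of len(short_key) bytes is encrypted under the
    same key, i.e. the two-time pad problem applied to the file itself."""
    return bytes(d ^ k for d, k in zip(data, cycle(short_key)))


if __name__ == "__main__":
    # Constructed demo messages; nothing here is real.
    msg = b"send 5 btc to alice"
    key = fresh_pad(len(msg))
    ct = otp_xor(msg, key)
    print("decrypts:", otp_xor(ct, key) == msg)
    # Any same-length plaintext is an equally valid decryption of ct.
    other = key_that_decrypts_to(ct, b"send 9 btc to bobby")
    print("alternate key also 'works':", otp_xor(ct, other))
    # Reuse the pad once and a known fragment of one message gives the other.
    c1, c2 = otp_xor(b"attack at dawn!", key), otp_xor(b"retreat at dusk", key)
    print("crib drag:", crib_drag(two_time_pad_leak(c1, c2), b"attack", 0))
```

None of this helps with the storage case the post is really about: if the pad sits on the same disk as the ciphertext, `otp_xor(ct, key)` is one call away for whoever reads that disk, which is the "zero extra security" point made above.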