Ian Grigg wrote:
You are looking at QC from a scientific perspective. What is happening is not scientific, but business.
[Points 1..7 snipped]
Hence, quantum cryptogtaphy. Cryptographers and
engineers will recognise that this is a pure FUD
play. But, QC is cool, and only cool sells.
See, this is what's scary to me: the cool being what sells is an indication that PHBs, instead of technically capable people, are making decisions when it comes to crypto. Maybe this is incredibly obvious to the veterans in the field, but it's a disillusionment I prefer not to have.
It reminds me of a guy I know who, every time when asked about his software, would rant off the features and conclude with "It also features a phase multiplexer." He's never been asked about it. If it weren't funny, it'd be sad.
Where we are now is the start of a new hype cycle. This is to be expected, as the prior hype cycle(s) have passed. PKI has flopped and is now known in the customer base (finance industry and government) as a disaster. But, these same customers are desparate for solutions, and as always are vulnerable to a sales pitch.
This is part of my lack of understanding: I find it impossible to believe that - given a market begging for solutions - no one is offering high-quality non-QC link encryption boxes. Your points focused on the existing situation (particularly in the finance industry) which essentially amounts to "people use insecure private telco lines to feel secure". The scenario I am missing - and you didn't address - is why someone with a little time and understanding doesn't throw together a few chips and offer an out-of-the-box crypto tunnel solution (or, if there is one, why isn't it catching on?).
What do you really need for a simple point-to-point encryption? Linksys makes a $70 wifi router that has a 125MHz MIPS processor, 16 MB RAM + 4 MB Flash ROM, two 10/100Mbit ethernet controllers, and runs Linux 2.4. If someone paid me for a few hours of work, I could probably make a pair of *those* do secure link encryption. Rijndael isn't computationally expensive, and putting in a few extra bucks would likely afford you processing power that could support tank-like (Serpent?) encryption transparently.
The way I see this is that there are two options: consumers can entrust the security of their data to physics they don't understand, or mathematics they don't understand. One of the fundamental differences is that the former *no one* understands, and its price reflects that. With the latter, well - quite a few people understand the math behind crypto, and silicon is cheap these days. So what are people waiting for? Why doesn't everyone concerned for their link security have a pair of cheap strong crypto devices at both ends?
Cheers, Ivan
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
