Well, let's not mix up human-designed cryptography with natural laws like physics.

No cryptographic system has ever been proven impossible to break. We make assumptions like "ECDLP is hard" because lots of smart people (how many? who?) have tried to break it (how hard did they try?) and failed (are we sure all of them did?). At the root of all cryptographic schemes there are social assumptions, like the assumption that if someone had found a solution, they'd definitely have published a paper on it and not e.g. sold it to the NSA. For some problems we think those social assumptions are true because the Snowden leaks seemed to suggest even the NSA can't solve them, if we ignore cases where actually they could, like Logjam. And we assume the NSA is filled with really smart people (is it?) who spend lots of time cryptanalysing common algorithms (do they?) … and on we go.

Physics doesn't rely on assumptions like that. Anyone can do an experiment to prove its laws are true.

Now, I'm not arguing cryptography is useless or doesn't work. Clearly in the real world it does work. It solves lots of real problems, all the time. But "work" sometimes has a rather technical definition that doesn't match what regular people understand by the term. Do people differentiate between "cryptography" and "encrypted messaging" for example? To the layman cryptography *is* encrypting messages, that's what it's all about.

But on this list we know that encrypted messengers rely for security on a lot of things being true, only a small number of which are cryptographic assumptions. To reason about security we have to analyse the whole system end to end. We can't just say, well, nobody knows how to break this particular algorithm right here, so the system is secure.

Occasionally I worry that one day the credibility of end-to-end encryption will be harmed, because it will turn out that one of the big players has built in back doors or is changing public keys for targeted intercept. And then we (the 'experts') will say, ah ha!
In fact, we never claimed these systems were secure against such attacks. And all the general public will hear is, "you said tech firms couldn't read our messages and you were wrong".

The restrictions WhatsApp put on forwarding messages might be an early sign of what's to come.

https://slate.com/technology/2020/04/whatsapp-message-forwarding-disinformation-coronavirus.html

Cryptographically, the double ratchet/AES/Noise/etc are all designed to stop a MITM detecting if the same message is being sent twice. This is a core algorithmic property that cryptographers stress over. In the real world, when Facebook decided they had a moral obligation to fight "rumours" they just modified the software to stop people forwarding messages. When the MITM controls the endpoints it's unclear what meaning cryptography actually has, beyond time-limited legal arguments.

On Sat, Jun 20, 2020 at 17:30:54, Mikalai Birukou <m...@3nsoft.com> wrote:

> It won't surprise me if at some point EncroPhone gets silently taken over
> by the Dutch police and used in a sting operation
>
> Well, that didn't take long:
>
> https://www.irishnews.com/news/northernirelandnews/2020/06/20/news/wave-of-arrests-after-breach-of-encrypted-communication-network-1980136/
>
> In the end, cryptography still boils down to trusting people (the
> implementors).
>
> Since we have Mike from the guardian, a wordsmith, if I may, let's
> carefully note use of words and say that "*security of a thing* still
> boils down to trusting people (the implementors)".
> Wordsmiths, please, don't perpetuate nihilism-leaning memes by loose use
> of words that somehow hint that cryptography is not reliable. If there were
> problems with cryptography, police would not need, quote, "sophisticated
> attack and the malware code". And when was the last time you've heard a
> phrase "physics still boils down to trusting GM car brakes"?
_______________________________________________
Messaging mailing list
Messaging@moderncrypto.org
https://moderncrypto.org/mailman/listinfo/messaging