> BUT, changing the key periodically provides the same protection,
> as long as you re-key before enough traffic has passed by to make
> this kind of cracking likely. This invokes the cost of out-of-band
> key distribution for the private key case, and requires a new
> certificate to be issued every so often (every year or two?)
> in the PKI case.
No, changing the key does not provide the same protection at all. No
matter
how often you change the key, it is still vulnerable to compromise at a
future date of whatever vehicle you used to exchange that key. Quantum
encryption is invulnerable to the key being discovered at a future time, by
any imaginable technique.
As for issuing new certificates, the certificates contain public keys
from
which it is possible (with enough computing resources) to determine the
private key. From the private key, you can determine the shared secret. This
can be done at any future time and the communication compromised.
I'm not arguing that this is a realistic possibility, just that quantum
encryption protects you from it and pretty much no other technique (except
perhaps a one time pad or enough totaly secure key material to be
effectively a one time pad) known can do that.
> Note that making the key (certificate) longer, 2048 instead of
> 1024 etc makes the analysis task that much harder.
But how much harder against future algorithmic improvements? Future
quantum
computers? Who knows.
It is a fair question how much use these features are in practical
terms in
today's implementations. But it is undeniable that quantum encryption makes
possible things that are impossible any other way, just as public key
encryption did when it was first discovered. And just like PK, it will and
should take us a long time before we know to what extent we can trust it.
Existing quantum encryption techniques do protect against future
compromise
of the key, whether by computational or other mechanisms. They make passive
interception impossible without knowing the key at the time of tranmission.
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
