On Sat, Nov 11, 2017 at 6:22 PM, Chris Laprise <[email protected]> wrote:

>>> Would be simpler off the bat to limit discussion to asymmetric crypto,
>>> as that is the type thought to be vulnerable to qc. LUKS/dmcrypt and
>>> most other disk encryption uses symmetric crypto.
>>>
>>> I believe qvm-backup crypto is also symmetric (although IIRC it may have
>>> specific security issues that need to be addressed).

>> or is it because asymmetry is typically used more when sent over the
>> internet compared to symmetry which is more often used offline?

No.

> There are some articles/talks that explain the difference, but it's not due
> to entropy. It's because the public key provides too much info about the
> private key to a qc search algorithm. This was already the case with regular
> computer searches, at least with RSA which uses much larger keys than a
> symmetric cipher like AES to compensate for the issue.
>
> A figure I heard was that qc can cut search time for symmetric key merely in
> half, whereas it can cut time for asymmetric key by orders of magnitude.

It is more complex than that, but that is a usable first approximation
for many cases.

> Most Internet encryption is based on asymmetric ciphers. That's the main
> issue and Qubes is not special in any sense on this topic.

Symmetric encryption is much faster & is used for nearly all
encryption of large chunks or streams of data -- messages in PGP,
connections in SSH or TLS or IPsec, disk or file contents in other
systems -- and in hash algorithms & variants using them like the HMAC
construction. These can provide one level of authentication; if
decryption succeeds then the recipient knows the sender had the
right key & if HMAC succeeds he knows the message received is
(overwhelmingly likely to be) identical to what was sent or the file
read identical to what was stored.

Asymmetric encryption gives a different type of authentication,
proving the other player had a particular private key. This solves the
key management problem which is very difficult with symmetric crypto
alone. A major government can send a junior military officer to fly to
an embassy once a month to deliver keys, but without public key
(asymmetric) techniques anyone else has a real problem ensuring that
the right people have the keys & enemies do not.

It also gives digital signatures which are used in authenticating the
players for SSH, SSL, IPsec connections. With symmetric techniques
alone, you can know that only the receiver can read your messages, but
you need the public key stuff to know who you are talking to.
Signatures are also used to be sure the file you download was produced
by Qubes people, not by say a malicious government or some gang of
botnet builders.

One explanation of the roles of the two algorithm types:
http://en.citizendium.org/wiki/Hybrid_cryptosystem
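An added example (not from this thread or the Qubes project) of the hybrid arrangement described above, using only Go's standard library: a fresh symmetric key handles the bulk data, RSA-OAEP hands that key to the recipient, and an RSA-PSS signature says who produced it. The names Envelope, Seal and Open are mine; the symmetric integrity check uses AES-GCM's built-in tag in place of the separate HMAC mentioned in the message.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Envelope: AES key wrapped to the recipient's RSA key, AES-GCM output, RSA-PSS signature.
type Envelope struct{ WrappedKey, Nonce, Ciphertext, Signature []byte }
func (e *Envelope) signed() []byte { return append(append(append([]byte{}, e.WrappedKey...), e.Nonce...), e.Ciphertext...) }
func gcmFor(key []byte) cipher.AEAD { // AES-256-GCM; cannot fail for a 32-byte key
	block, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(block)
	return g
}
// Seal: AES-GCM for the bulk data, RSA-OAEP only to hand over the key, RSA-PSS to prove the sender.
func Seal(msg []byte, to *rsa.PublicKey, from *rsa.PrivateKey) (e *Envelope, err error) {
	kn := make([]byte, 44) // fresh per-message 32-byte key and 12-byte GCM nonce
	if _, err = rand.Read(kn); err != nil {
		return nil, err
	}
	e = &Envelope{Nonce: kn[32:]}
	e.Ciphertext = gcmFor(kn[:32]).Seal(nil, e.Nonce, msg, nil)
	if e.WrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, to, kn[:32], nil); err != nil {
		return nil, err
	}
	h := sha256.Sum256(e.signed())
	e.Signature, err = rsa.SignPSS(rand.Reader, from, crypto.SHA256, h[:], nil)
	return e, err
}
// Open checks the three things the thread separates: sender (signature), recipient (key wrap), integrity (tag).
func Open(e *Envelope, me *rsa.PrivateKey, from *rsa.PublicKey) ([]byte, error) {
	if h := sha256.Sum256(e.signed()); rsa.VerifyPSS(from, crypto.SHA256, h[:], e.Signature, nil) != nil {
		return nil, errors.New("signature: not from the claimed sender")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, me, e.WrappedKey, nil)
	if err != nil {
		return nil, errors.New("key unwrap: not addressed to this recipient")
	}
	msg, err := gcmFor(key).Open(nil, e.Nonce, e.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("symmetric tag: data was altered in transit")
	}
	return msg, nil
}
```

Each failure is reported separately so a caller can see which of the three properties (who sent it, who can read it, whether the bulk data is intact) was not met.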

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CACXcFm%3D7YjkUJJEKhnsuCcvmvECBa3oDL0gkU%3DaPr%2B806z_bNA%40mail.gmail.com.