[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Unbreakable Crypto" announcement??



>Does anyone with access to the Financial Times know what the hell this
>snippet is talking about??
>
>-=fade=-
>
>ENCRYPTION BREAKTHROUGH ANNOUNCED TODAY
>August 24, 1998
>
>     According to the Financial Times a new "unbreakable" encryption
>technology, called the "Cramer-Shoup cryptosystem," will be annouced today
>by mathematicians from the International Federal Institute of Technology
>which supposedly will thwart even the most aggressive Internet hackers.
>They claim to have created the first "unbreakable protection" which would
>reportedly be a breakthrough that could ensure the security of electronic
>commerce. The Financial Times said, "The breakthrough comes amid growing
>anxiety about the vulnerability of Internet transactions since the
>discovery by researchers earlier this year of a new way to break through
>even the strongest encryption systems."

Who would have guessed that a journalist would so grievously misrepresent
the claims of a soberly presented scholarly report? The title of the
technical paper is: "A Practical Public Key Cryptosystem Provably Secure
against Adaptive Chosen Ciphertext Attack". The only new claim is security
against a chosen ciphertext attack, not "unbreakable". The specific
internet angle is that an attacker might have access to a "decryption
oracle" due to the nature of high volume anonymous transactions. If one
could slip through a few million adaptively chosen ciphertexts, current
systems could leak enough information to compromise themselves. The
reported results are for a new proposed system that is not vulnerable to
this sort of attack.

Steve Bryan
Vendorsystems International
email: [email protected]
icq: 5263678
pgp fingerprint: D758 183C 8B79 B28E 6D4C  2653 E476 82E6 DA7C 9AC5