"Unbreakable" Encryption Almost Certainly Isn't
(Wherein Bruce Schneier shares my skepticism about the latest "unbreakable" encryption.)
Originally posted by bruce_schneier at "Unbreakable" Encryption Almost Certainly Isn't
https://www.schneier.com/blog/archives/2014/04/unbreakable_enc.html
This headline is provocative: "Human biology inspires 'unbreakable' encryption."
The article is similarly nonsensical:
Researchers at Lancaster University, UK have taken a hint from the way the human lungs and heart constantly communicate with each other, to devise an innovative, highly flexible encryption algorithm that they claim can't be broken using the traditional methods of cyberattack.
Information can be encrypted with an array of different algorithms, but the question of which method is the most secure is far from trivial. Such algorithms need a "key" to encrypt and decrypt information; the algorithms typically generate their keys using a well-known set of rules that can only admit a very large, but nonetheless finite number of possible keys. This means that in principle, given enough time and computing power, prying eyes can always break the code eventually.
The researchers, led by Dr. Tomislav Stankovski, created an encryption mechanism that can generate a truly unlimited number of keys, which they say vastly increases the security of the communication. To do so, they took inspiration from the anatomy of the human body.
Regularly, someone from outside cryptography -- who has no idea how crypto works -- pops up and says "hey, I can solve their problems." Invariably, they make some trivial encryption scheme because they don't know better.
Remember: anyone can create a cryptosystem that he himself cannot break. And this advice from 15 years ago is still relevant.
Another article, and the paper.
Originally posted by bruce_schneier at "Unbreakable" Encryption Almost Certainly Isn't
https://www.schneier.com/blog/archives/2014/04/unbreakable_enc.html
This headline is provocative: "Human biology inspires 'unbreakable' encryption."
The article is similarly nonsensical:
Researchers at Lancaster University, UK have taken a hint from the way the human lungs and heart constantly communicate with each other, to devise an innovative, highly flexible encryption algorithm that they claim can't be broken using the traditional methods of cyberattack.
Information can be encrypted with an array of different algorithms, but the question of which method is the most secure is far from trivial. Such algorithms need a "key" to encrypt and decrypt information; the algorithms typically generate their keys using a well-known set of rules that can only admit a very large, but nonetheless finite number of possible keys. This means that in principle, given enough time and computing power, prying eyes can always break the code eventually.
The researchers, led by Dr. Tomislav Stankovski, created an encryption mechanism that can generate a truly unlimited number of keys, which they say vastly increases the security of the communication. To do so, they took inspiration from the anatomy of the human body.
Regularly, someone from outside cryptography -- who has no idea how crypto works -- pops up and says "hey, I can solve their problems." Invariably, they make some trivial encryption scheme because they don't know better.
Remember: anyone can create a cryptosystem that he himself cannot break. And this advice from 15 years ago is still relevant.
Another article, and the paper.