May 9, 2017 at 12:51 pm
Actually, I'd say most modern encryption really depends on key management. The failures are often that a key is disclosed or lost. That's often the weakpoint, which means malware on clients is the bigger issue.
In that case it doesn't matter if you use the cloud or local services.
Encryption can always be broken, given time and resources. AES-512 is crackable, especially from the NSA. Just not necessarily in practical time for data to be of use. This is one reason to rotate keys and passwords at some interval. You just want to prevent the cracking of an old key allowing access to current data.
May 9, 2017 at 1:11 pm
Steve Jones - SSC Editor - Tuesday, May 9, 2017 12:51 PMActually, I'd say most modern encryption really depends on key management. The failures are often that a key is disclosed or lost. That's often the weakpoint, which means malware on clients is the bigger issue.In that case it doesn't matter if you use the cloud or local services.
Encryption can always be broken, given time and resources. AES-512 is crackable, especially from the NSA. Just not necessarily in practical time for data to be of use. This is one reason to rotate keys and passwords at some interval. You just want to prevent the cracking of an old key allowing access to current data.
Certainly having the key escape (whether via malware or by someone selling it) breaks any encryption, and is the most common cause of breaks. With neither malware nor a spy nor a traitor, breaking depends on getting (perhaps using guesswork aided by sloppy practices at the encrypting end - for example always beginning a message with "From <departmentname> on <date> at <time>" and not changing the key often enough to counter this effect) enough plaintext and matching cyphertext to compute the key (that sort of guesswork and key deduction is roughly how it was done fairly successfully at Bletchley Park during WW2, even in the face of frequent key changes) - and that's still a break as the result of a key escaping.
Tom
May 9, 2017 at 2:47 pm
TomThomson - Tuesday, May 9, 2017 12:49 PMAs is usual for predictions of the sort referenced by the editoral, here we see nothing but wild and inaccurate prediction which gives no grounds at all for us to believe it. IT departments will not disappear any time soon. They will change radically, and probably get used to taking up more software that they didn't write themselves, but they won't disppear. Accounts departments didn't disappear as a result of Lots 1-2-3, they survived the relese of Borland Quattro Pro, and they were not abolished because the CEO could do it himself with Excel.
Absolutely true. However, the amount of work done has increased in many companies, with far fewer people that would be required without computing.
May 9, 2017 at 9:03 pm
Steve Jones - SSC Editor - Tuesday, May 9, 2017 2:47 PMTomThomson - Tuesday, May 9, 2017 12:49 PMAs is usual for predictions of the sort referenced by the editoral, here we see nothing but wild and inaccurate prediction which gives no grounds at all for us to believe it. IT departments will not disappear any time soon. They will change radically, and probably get used to taking up more software that they didn't write themselves, but they won't disppear. Accounts departments didn't disappear as a result of Lots 1-2-3, they survived the relese of Borland Quattro Pro, and they were not abolished because the CEO could do it himself with Excel.Absolutely true. However, the amount of work done has increased in many companies, with far fewer people that would be required without computing.
Most certainly, the amount of work able to be done by a single person has gone way up because of computers. Speaking to the other point of discussion, encryption is vastly superior to the old Caesar Cipher. Then again, the power of computers has also made hacking systems and breaking encryption easier. Like was said earlier, it's all about the keys. If you have an encryption scheme that supports 256-bit encryption at your disposal, but only use a 10-bit key, it becomes simpler by orders of magnitude.
Viewing 4 posts - 31 through 33 (of 33 total)
You must be logged in to reply to this topic. Login to reply