101
submitted 8 months ago* (last edited 8 months ago) by cypherpunks@lemmy.ml to c/privacy@lemmy.ml
all 8 comments
sorted by: hot top controversial new old
[-] LWD@lemm.ee 28 points 8 months ago

This is way more of a self-promo blog post than an article, but it's also along the lines of Signal or Apple announcing their own successes in cryptography.

BTW, this was my favorite part of the post

Why encryption is even allowed?

Daniel J Bernstein

They're not wrong, either.

I also appreciate their clarification that post-quantum encryption is a guess, not a sure thing. Actually, they're much more blunt than that:

post-quantum cryptography can be compared with a remedy against the illness that nobody has, without any guarantee that it will work. The closest analogy in the history of medicine is snake oil.

Good on them for saying that.

But then on expounding with minimal jargon... At least, as far as explaining cryptography can be done that way.

[-] cypherpunks@lemmy.ml 10 points 8 months ago* (last edited 8 months ago)

post-quantum cryptography can be compared with a remedy against the illness that nobody has, without any guarantee that it will work. The closest analogy in the history of medicine is snake oil.

Good on them for saying that.

A "remedy against the illness that nobody has" is a good analogy, but it is important to note that it's an illness which there is a consensus we are likely to eventually have and a remedy that there is good reason to believe will be effective.

It isn't a certainty that there will ever be a cryptographically relevant post-quantum computer, and it also isn't a certainty that any of the post-quantum algorithms (as with most classical cryptography) which exist today won't turn out to be breakable even by yesterday's computers. The latter point is why it's best to deploy post-quantum cryptography in a hybrid construction such that the system remains secure even if one of the primitives turns out to be breakable.

That said, I think it is totally wrong to call PQC snake oil because that term in the context of cryptography specifically means that a system is making dishonest claims: https://en.wikipedia.org/wiki/Snake_oil_(cryptography)

[-] LWD@lemm.ee 4 points 8 months ago* (last edited 8 months ago)

I didn't post the part after the "snake oil" quote because my post was getting a bit long but yeah, they basically agree with you. I also get mild ESL vibes (the phrasing on the title is a little off, and I believe a couple of the developers are Russian-born) so I don't think they were trying to be too inaccurate.

[-] cypherpunks@lemmy.ml 4 points 8 months ago

they basically agree with you

yes, I realize :)

I should've made clear in my comment that, aside from a bit of imperfect English and incorrect use of the term snake oil, I think this is an excellent blog post.

[-] Coasting0942@reddthat.com 8 points 8 months ago

Thanks for highlighting that part of history.

The guy literally printed the algorithm in a book to show that the first amendment protects encryption math. Luckily the justices at the time were definitely pro first amendment. Unlucky that they used first amendment to justify citizens United

[-] drwho@beehaw.org 1 points 8 months ago

I thought that was Phil Zimmerman with PGP.

[-] drwho@beehaw.org 3 points 8 months ago* (last edited 8 months ago)

That's djb?

Whoa. I never knew what he looked like.

this post was submitted on 14 Mar 2024
101 points (94.7% liked)

Privacy

32130 readers
1126 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS