×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

728 comments

Nope (2, Insightful)

Anonymous Coward | more than 11 years ago | (#5277874)

One of the creators can always sell out and show how to beat the system.

Re:Nope (3, Informative)

Anonymous Coward | more than 11 years ago | (#5277988)

That would be on the assumption that they using security through obscurity, which is hopefully not part of it.

Unbreakable encryption is quantum encryption.

If the Israelies Have it.... (-1, Troll)

Anonymous Coward | more than 11 years ago | (#5277875)

You can bet the US has it too. Israel is essentially our 51st state.

Re:If the Israelies Have it.... (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5277896)

Aw, don't you love us anymore? What happened to our Special Relationship? We haven't even been flirting with the French and the Germans recently!

Re:If the Israelies Have it.... (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#5278039)

never be stupid enough to trust an Israeli further than you can kick one.

pffft (1, Interesting)

DiSKiLLeR (17651) | more than 11 years ago | (#5277876)

Pfft... unbreakable encryption my ass. There is no such thing.

This will be broken and found to be full of holes bigger then swiss cheese before the week is out...

D.

One Time Pad (5, Informative)

Overand (590318) | more than 11 years ago | (#5277877)

One Time Pad is uncrackable... but the "key" is the same size as all the data you'll ever want to send... but DAMN it works. =]

Re:One Time Pad (3, Interesting)

Anonymous Coward | more than 11 years ago | (#5277902)

Well it depends what you mean by uncrackable.. with an OTP alone i could generate all possible messages the same amountt of bits, and somewhere in the solution set would be the answer. =)

There is no uncrackable encryption. therefore, information is free. (Notice: not meant to be free, or wants to be free, i cannot infer purpose or intent in design from mere observation.)

Re:One Time Pad (-1, Redundant)

Anonymous Coward | more than 11 years ago | (#5277907)

Mod this up Shannon already proved this type of encryption is unbreakable.

Re:One Time Pad (5, Insightful)

jtdubs (61885) | more than 11 years ago | (#5277959)

One time pads are not uncrackable by definition. They have two weak points.

1) The generation of the pads.

One time pads are as crackable as your method for generating the pads. If your pad is TRULY random than it can't be cracked via statistics and probability. You must also be sure that no one else saw the pads or had access to the same entropy pool you used to generate the pads.

2) The distribution of the pads.

Both parties need a copy of the pad for it to work. How do the parties get the pads? Is this process secure? If not, than the quality of the pad is moot.

Justin Dubs

Re:One Time Pad (2, Interesting)

lfourrier (209630) | more than 11 years ago | (#5277981)

I'm quite sure you can get a good randomness by recording noise from your (cheap) sound card.
Pump up the volume, read /dev/dsp, take one bit in each sample, and with a stock PC, you should have a good random number generator (except if your sound card is good quality, and you have no noise).

Re:One Time Pad (0)

Anonymous Coward | more than 11 years ago | (#5278015)

why do people always say this.

there you are happily using your sound card to generate random numbers when mr evil cracker realises what you are doing and simply adds his own 'noise' to the signal to manipulate what you are doing. The numbers are no longer random and your code is breakable.

Generating large amounts of truely random numbers is not a trivial task.

Re:One Time Pad (3, Insightful)

jtdubs (61885) | more than 11 years ago | (#5278026)

The source of randomness isn't the stumbling block.

Getting good-enough randomness is easy enough now-adays. I mean, heck, check out random.org.

But, you still have to distribute the pad. You can always just use another one-time-pad to encrypt the pad before you send it though. ;-)

If you are distributing electronically, than you can send the pad out to your partner via some form of public-key encryption. But, now your security is not determined by the strength of the one-time pad (possibly infinite), but by the strength of the public-key crypto-system (certainly not infinite).

Justin Dubs

Re:One Time Pad (1)

lederhosen (612610) | more than 11 years ago | (#5277986)

1) recording nuclear breakdown
2) record the key on a cdrom and deliver
it by hand.

Re:One Time Pad (0)

Anonymous Coward | more than 11 years ago | (#5278041)

Well if you are going to record the key on a cd and deliver it by hand (which you would have to do for each message, since it is a one time pad ) you might as well deliver the message your self. A stolen key is almost as bad as the stolen message.

Re:One Time Pad (5, Informative)

jtdubs (61885) | more than 11 years ago | (#5278008)

Also of note:

You CAN NOT use the same pad more than once. Hence the name "One-time" pads. Here's why:

Here are two messages, encrypted with the same pad:

cyphertext1 = plaintext1 + one-time-pad
cyphertext2 = plaintext2 + one-time-pad

For short:

c1 = p1 + otp
c2 = p2 + otp

Now, I get ahold of both cyphertexts, and I suspect, or guess, that they were encrypted with the same key.

(c2 - c1) = (p2 + otp) - (p1 + otp)
(c2 - c1) = (p2 - p1)

So, now, the "enemy" has a new set of numbers, obtained by the subtraction of the two cyphertexts, and this result is also the subtraction of the two plaintexts as the one-time-pads cancelled out.

A message that is simply the difference between two plaintext messages is trivially crackable via statistical analysis.

Anyone who enjoys encryption theory and a good yarn should go pick up a copy of Neal Stephenson's Cryptonomicon. It is one of the best book I have ever read.

Justin Dubs

Re:One Time Pad (4, Informative)

Des Herriott (6508) | more than 11 years ago | (#5278043)

Quantum cryptography has the potential to solve problem (2) - it allows (what appears to be) truly secure key distribution by exploiting the quantum properties of photons. It's gone beyond the theoretical stage, and quantum channels have even been established through air (as opposed to a fibre-optic link).

Problem (1) is really hard to do well. And, no, a cheap soundcard is not the answer :)

Re:One Time Pad (1, Redundant)

mpe (36238) | more than 11 years ago | (#5278003)

One Time Pad is uncrackable... but the "key" is the same size as all the data you'll ever want to send... but DAMN it works. =]

So long as the numbers on the pad are genuinly random (not psudo random) and the pad is never reused.
When it comes to cryptography security is a function of the entire system. Rather than a function of cyphering algorithms. A bad implimentation or poor usage can mean that a good algorithm dosn't count for much.

First post! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5277880)

Big deal man, I got first post!

Re:First post! (-1)

Adolf Hitroll (562418) | more than 11 years ago | (#5278007)

You Are Being Flamed Because:
[X] YOU FAIL IT !!!
[ ] You posted a message concerning a pyramid scheme
[ ] You posted a "test" in a newsgroup other than alt.test
[ ] You posted something completely off-topic
[ ] You posted a "YOU ALL SUCK" message
[ ] You posted a phone-sex ad
[ ] You posted a blatant troll
[ ] You quoted an ENTIRE post in your reply
[ ] You continued a long, stupid thread
[ ] You started an off-topic thread
[ ] You said "me too" to something
[ ] You don't know which group to post in
[ ] You suck
[ ] Your sig/alias sucks
[ ] You brag about things that never happened
[ ] I don't like your tone of voice
[ ] I think you might be a fed
[ ] You're a Nazi
[ ] You're a bigot

My unbreakable encryption scheme (5, Funny)

offpath3 (604739) | more than 11 years ago | (#5277888)

I like to refer to it as the Two Time Pad. It's like the one time pad, but _TWICE_ as secure!

Or maybe Rot26? Or 2Rot13?

Re:My unbreakable encryption scheme (0, Redundant)

Jason1729 (561790) | more than 11 years ago | (#5277921)

Wouldn't a *two time pad* be half a secure as a one time pad? That implies you use the same pad twice.

Even if you applied the OTP algorithm twice, it would still be no more secure than a single OTP because your two one time pads are virtually equivalent to a single OTP that's the sum of the two you're using.

Jason
ProfQuotes [profquotes.com]

Re:My unbreakable encryption scheme (3, Insightful)

offpath3 (604739) | more than 11 years ago | (#5277941)

It was a joke. This is actually how the US cracked some Russian codes during the cold war. Some Russian agent re-used the same pad, and so of course C1 XOR C2 will give you M1 XOR M2 if you use the same pad, and Russian (as well as English) is predictable enough that you can construct the entire original 2 messages from the XOR of them.

Re:My unbreakable encryption scheme (1)

Jugalator (259273) | more than 11 years ago | (#5278035)

Hehe... You just gave me an idea! I'll make a Triple-DES algo... no, wait.

Given their historical records... (-1, Flamebait)

Anonymous Coward | more than 11 years ago | (#5277889)

Israelis should not be trusted.

In other news (3, Funny)

Anonymous Coward | more than 11 years ago | (#5277890)

Oracle Claims Database Unbreakable.

tsarkon repots in soviet russia irsaeli firms (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#5277892)

in soviet russia israeli firms BREAK YOU!

I'll save you all some time. (4, Funny)

philovivero (321158) | more than 11 years ago | (#5277897)

It's been hashed, rehashed, and rehashed again. There's no such thing as unbreakable encryption.

Not even the one-time-pad is resistant to being hacked (think social engineering).

Get over it, and stop fantasizing about unbreakable encryption, your own chobits [fcpages.com] , Natalie Portman [faemalia.org] , beowulf clusters of mecha [wikipedia.org] , and being as rich as the sub-human wannabe-geek [greenspun.com] already, okay?

Huh? (1)

autopr0n (534291) | more than 11 years ago | (#5277935)

Not even the one-time-pad is resistant to being hacked (think social engineering).

Social engineering is beside the point. If you destroy the key after you encrypt, and the other person destroys the key after they decrypt, it would be absolutly impossible to recover the message from the cyphertext again. Destroy the message, and the information is gone. Forever.

That dosn't mean you can't get the information, just that you can't get it from the cyphertext. Which is the point.

Re:Huh? (1)

jtdubs (61885) | more than 11 years ago | (#5277976)

This is untrue. See my other post on this story.

One-time pads are vulnerable both during the process of pad generation and during the process of pad distribution. Remember, both parties need to somehow get copies of this pad.

If, like you said, the message has already been sent, both pads are destroyed, the process for creating the pads is truly secure and truly random, and there are no other message encrypted with the same pad, than yes, it is secure.

Justin Dubs

Re:Huh? (1)

mpe (36238) | more than 11 years ago | (#5278017)

Social engineering is beside the point.

If the original message was created by humans then these humans are part of the system

If you destroy the key after you encrypt, and the other person destroys the key after they decrypt, it would be absolutly impossible to recover the message from the cyphertext again. Destroy the message, and the information is gone. Forever.

Only if the encrypted message was the only copy which ever existed. Destroying the key and the cyphertext dosn't destroy the information if a copy of the plaintext still exists.

Nice, but where is the source? (5, Insightful)

Daath (225404) | more than 11 years ago | (#5277900)

We'd like some peer reviews please.

Re:Nice, but where is the source? (5, Funny)

punkmanandy (592682) | more than 11 years ago | (#5277983)

well, if we told you how we did it, then it very well wouldnt be unbreakable, would it? you need to trust us with your data. these are not the backdoors you are looking for.

usb mass storage = huge key (3, Interesting)

Zork the Almighty (599344) | more than 11 years ago | (#5277903)

Why don't people use USB "keychain" devices (oh the irony) to store gigantic one-time-pad keys ? The 512MB or 1GB or whatever on these things would go pretty far, the only problem is that if they were seized, someone could read your messages (which is always a liability with using the one-time-pad..)

Re:usb mass storage = huge key (2, Interesting)

xpurple (1227) | more than 11 years ago | (#5277952)

You think this doesn't happen? It does. Also to note that a good way to get rid of one of those little buggers is a microwave.

In a pinch a hammer will do too.

Huge keys are easy to get ahold of. Just hash against things that are available, and not obvious. You know, some random data CD's contents, an mp3, your favorite vi clone. As long as the file you are encrypting is smaller than the pad you will be fine.

Note that some things work better than others to hash against :)

Re:usb mass storage = huge key (2, Insightful)

evalhalla (581819) | more than 11 years ago | (#5277992)

Because it can work if you only have to encrypt up to 512 MB (or 1 GB) of data for a while and then read it again yourself. If you had to give the encrypted data to someone else you would have to let him have the keychain device (or one with a copy of the same key) through a secure medium, and this is only slightly easier than giving them a printed copy of the whole key.

Oh, and then there is still the problem of the destruction of the key after it has been used.

Of course if you're using encryption for something that could change the fate (and economy) of your whole country the OTP is worth using...

Re:usb mass storage = huge key (1)

maxmg (555112) | more than 11 years ago | (#5278019)

the only problem is that if they were seized, someone could read your messages (which is always a liability with using the one-time-pad..)

At least take the additional step of encrypting the key with a passphrase (which of course you do not tell anyone). Makes the whole thing slightly more secure.

Sounds good... (5, Interesting)

fi-greenie (514665) | more than 11 years ago | (#5277904)

Although it's not so easy to crack for example a 2048-bit RSA key, it's easy to break the guy who encrypted the data with it.

Unless the guy kills himself after encrypting the data, thus creating the "almost unbreakable" encryption.

What one fool can create, another can break.

Only one sure way to find out (3, Funny)

jpnews (647965) | more than 11 years ago | (#5277909)

It's easy enough to test. Offer a monetary reward to anyone who breaks it. This is the traditional response to such claims, is it not? I'll let you know where to send the check...

Re:Only one sure way to find out (2, Funny)

TheOldFart (578597) | more than 11 years ago | (#5277972)

Break this and win a free weekend at the Gaza Strip Inn. An to those saying there is no such a thing as unbreakable encryption, have you ever trying deciphering the US Tax code?

Re:Only one sure way to find out (1)

CProgrammer98 (240351) | more than 11 years ago | (#5277974)

Ummm did u read the article? They offered a $1,000,000 and a ferrari as a prize, they claim 2 million have tried but nobody has succeeded.

Exceptionally random cipher text (3, Insightful)

The_Spide (571686) | more than 11 years ago | (#5277910)

> creates exceptionally random cipher text and
> combines it with a one million-bit key

How can a deterministic computer create anything
more then pseudorandom ?

Re:Exceptionally random cipher text (4, Informative)

szo (7842) | more than 11 years ago | (#5277932)

With hardware. Geiger-Müller for example. Or measuring thermic movement of certain electrons.

Szo

Re:Exceptionally random cipher text (1)

punkmanandy (592682) | more than 11 years ago | (#5277963)

of course it is unbreakable. Can't you see that you have to have the ciphertext BEFORE you can encrypt the plaintext. If the ciphertext means nothing, then you canst decrypt it.

Re:Exceptionally random cipher text (4, Insightful)

jtdubs (61885) | more than 11 years ago | (#5277967)

By using a non-software-based, outside source of entropy. Send up a weather baloon connected to your serial/parallel port. Retrieve real-time data, disgard a few of the most significant figures, and use the rest.

In other words, there are many ways.

Justin Dubs

Re:Exceptionally random cipher text (1)

haggar (72771) | more than 11 years ago | (#5278001)

There are hybrid-design chips that generate truly stochastic processes, using thermal white noise.

Re:Exceptionally random cipher text (0)

Anonymous Coward | more than 11 years ago | (#5278021)

By using flaky hardware ?

Re:Exceptionally random cipher text (2, Insightful)

mako (30489) | more than 11 years ago | (#5278038)

I would like someone to explain to me what the hell exceptionally random means. Is it like being exceptionally pregnant? Or exceptionally out of gas?

Snake oil (4, Insightful)

Scarblac (122480) | more than 11 years ago | (#5277911)

From the article:
"Most of the encryption community called our product snake oil," says Backal. "Everyone competed to throw stones at us and didn't bother trying to understand the product."

So, 1) They have an unbelievable claim (unbreakable encryption) and 2) the extremely knowledgeable encrypton community, who have much experience with breaking encryption, has seen their product and calls it snake oil.

It is snake oil. Move along.

Re:Snake oil (2, Insightful)

Cappy Red (576737) | more than 11 years ago | (#5277977)

The idea of continental drift, if my schooling doesn't fail me, was not invented by a geologist, and was, in fact, called bunk by many of said field. Popular support never makes anything right.

Now, they do have an extraordinary claim, and one that I too don't believe. I don't believe that any encryption is unbreakable, but that doesn't mean it is "snake oil". It could still be really really tough to crack.

*honk*

Re:Snake oil (1)

Scarblac (122480) | more than 11 years ago | (#5277996)

Now, they do have an extraordinary claim, and one that I too don't believe. I don't believe that any encryption is unbreakable, but that doesn't mean it is "snake oil". It could still be really really tough to crack.

Yeah, but read the quote, typical snake oil... "The security community just kept throwing stones at us" (ie, pointing out fatal flaws), "but they didn't take the time to *understand* it!" (read "I don't understand it myself").

It sounds like they did put it up for review somewhere, and it was shot down, and they now think that's unfair.

No, no, no! (3, Insightful)

Trogre (513942) | more than 11 years ago | (#5278014)

Because some experts have been burned by fakes in the past does not necessarily make everything snake oil.

Because they dismissed this product as more of the same before actually evaluating it does not make it snake oil.

Probably snake oil, yes. But on the other hand it could be something quite revolutionary.

There's nothing quite like apathy to retard progress.

Why should unbreakable encryption be difficult? (1)

kghougaard (315693) | more than 11 years ago | (#5277912)

You just need a key as long as the text to be encrypted, then it's unbreakable.

At least if you don't have en infinite improbability drive. Then you could break the encryption AND travel to the restaurant.... Oh newer mind.

Every time I reread any of Douglas Adams' books, my friends think I become strange.

Re:Why should unbreakable encryption be difficult? (0)

Anonymous Coward | more than 11 years ago | (#5277948)

> Oh newer mind.

I'd like one of those...

Practically unbreakable (2, Informative)

boomgopher (627124) | more than 11 years ago | (#5277913)

They use a 1 MB key to encrypt the data, whee.

It's not theoretically unbreakable, just practically unbreakable with today's technology.

Rotating cleartext? (1)

mr100percent (57156) | more than 11 years ago | (#5277914)

"Meganet offers a patented non-linear data mapping technology, called VME (Virtual Matrix Encryption), that creates exceptionally random cipher text and combines it with a one million-bit key, which is unheard of in today's data security markets. Competing solutions offer a maximum of 256 bits."

So is this a rotating cleartext or what?

repeated claim... (4, Funny)

danielhsu (78479) | more than 11 years ago | (#5277915)

> This isn't the first time someone's made this claim, or second, or third ...

And if this story gets reposted, it'll seem like a fourth!

one time pad (0, Redundant)

valentyn (248783) | more than 11 years ago | (#5277917)

Any news article claiming that a "Company develops unbreakable data encryption code" is silly. Unbreakable data encryption has been developed long ago, it's called a one time pad and there is strong mathematical proof that it's unbreakable. The problem is, of course, it's key distribution - but that's another story.

unbreakable? (1)

TenPin22 (213106) | more than 11 years ago | (#5277918)

There's no such thing as unbreakable encrytion, only encryption which is hard to break. You can always use brute force attacks and the time required to succeed is dependent on how much processing time you throw at the problem.

No such thing (4, Funny)

Wrexs0ul (515885) | more than 11 years ago | (#5277919)

Wonderful article, but how good is encryption when your fundamental flaw in data security is the people who use it?

Case in point: 128-bit SSL keys, MD5 hashed passwords on a system utilizing firewalls and a database whose data is encrypted by the super-uncrackable-key(tm)... owner connects to the site over the internet via telnet...

We should invent encrypted people. That way not only would data be safe, but it's so secure the guy next to you has no idea what you're talking about!

Sincerely,

-Matt

Re:No such thing (1)

rediguana (104664) | more than 11 years ago | (#5277980)

We should invent encrypted people. That way not only would data be safe, but it's so secure the guy next to you has no idea what you're talking about!

What a random idea! But why not just use (future) technology. Imagine if everyone used a voicebox implant and you had the option of speaking in plainvoice or cryptvoice. You can negotiate an encrypted channel with another voicebox, and not hear any other encrypted chats nearby and they don't hear you. Plainvoice would still come through depending on how you had the voicebox configured.

Re:No such thing (1)

maxmg (555112) | more than 11 years ago | (#5278036)

Then I am already encrypted! Most of the time people have absolutely no clue what I'm on about...

One time pad, quantum encryption are unbreakable (1)

autopr0n (534291) | more than 11 years ago | (#5277920)

I'm certain that One time pad encryption (where you use a stream of random data the same length as the input as a key, and you only use it ONCE) is unbreakable.

I also believe that some form of quantum encryption has been proven to be unbreakable, but I have no idea how it works, or why. Especially since a regular computer can do anything a quantum computer can do, if given enough time.

If these Israelis could prove mathematically that their encryption method can't be easily reversed, then I think they might as well claim it's unbreakable as you can say something like "the key can't be found even if every atom of silicon on earth was used as a transistor, and was used as one until the sun burns out". Or something like that. Remember, public key crypto is only believed to be secure, since no one's been able to figure out how to factor large numbers quickly. It doesn't mean they never will.

Personaly, I doubt it, though.

Re:One time pad, quantum encryption are unbreakabl (1)

toriver (11308) | more than 11 years ago | (#5277991)

I also believe that some form of quantum encryption has been proven to be unbreakable, but I have no idea how it works, or why.

I think that's what makes it unbreakable.

Re:One time pad, quantum encryption are unbreakabl (0)

Anonymous Coward | more than 11 years ago | (#5277999)

Remember, public key crypto is only believed to be secure, since no one's been able to figure out how to factor large numbers quickly.

Especially, large prime numbers. That'd be the obvious mathematical breakthrough [caltech.edu] .

Re:One time pad, quantum encryption are unbreakabl (1)

riedquat (226343) | more than 11 years ago | (#5278033)

Quantum encryption - in the only form I've heard about - needs special hardware, a continuous fibre optic cable between the two parties who want to exchange data.

AFAIK It is thought to be unbreakable at the moment, but it can't be used over existing data networks. It doesn't have a lot to do with quantum computing.

Encryption and compression (5, Funny)

atcurtis (191512) | more than 11 years ago | (#5277924)

I have an amazing encryption and compression method - it encrypts and compresses any message into a single binary bit! No one else can decipher the message... not even the recipient... unless they have the decryption key...

Which is unfortunately 2x the size of the original message.

Ho hum...

Looks like an advertisement (2, Insightful)

vor (142690) | more than 11 years ago | (#5277925)

The first few paragraphs offer some details on what was developed...

Then for the rest of the article there is just information on Meganet's business health. Looks more like they're trying to spur investing into the company rather than offer details on how the product works.

Until the source code is published and subjected to peer review like PGP was, then and only then can it be deemed "secure." Until then I'll be running PGP on my computer powered by cold-fusion generated electricity =)

A one meg key?!? (1)

Legion (15548) | more than 11 years ago | (#5277926)

You gotta be kidding me! *That's* your solution to "unbreakable"? Does anyone know what this "Virtual Matrix Encryption" they're talking about is, or is it just another Keanu Reeves joke?

no thanks (1)

borat (561207) | more than 11 years ago | (#5277928)

will people pay them big money just because they have a fancy '1 million bit key' and a closed encryption scheme? why trust them? they make a big deal out of offering a prize to anybody who can break it, and nobody was able to. but there's tons of ways to encrypt a file that can't be brute forced in a few months.

Correction: (2, Insightful)

Dark Lord Seth (584963) | more than 11 years ago | (#5277931)

Meganet offers a patented non-linear data mapping technology, called VME (Virtual Matrix Encryption), that creates exceptionally random cipher text and combines it with a one million-bit key, which is unheard of in today's data security markets.

That means: "Not unbreakable, but certainly not feasible to even try with current technology." Why is it that as soon as something becomes hard to do it is considered impossible and thus vastly overrated untill the opposite proves itself? I can imagine that quite allot of Good Things(tm) have gone to hell and back again only because they were kickstarted into a hype of invulnerability untill the opposite happened, causing everyone to suddenly ditch it...

Oh Good... (2, Funny)

Senjutsu (614542) | more than 11 years ago | (#5277933)

A preview from next month's Dog House section of the Crypto-Gram.

A One Million bit key? Unbreakable? Schneier is going to have a field day with this one.

Re:Oh Good... (2)

bigboard (463204) | more than 11 years ago | (#5277990)

He already has! Back in a 1999 cryptogram dealing with encryption snake oil.

http://www.counterpane.com/crypto-gram-9902.html

Didn't people... (1)

Infestation (571698) | more than 11 years ago | (#5277936)

... once claim that the knapsack method of encryption was virtually unbreakable? all this huge key means, is that it will be many many years before these encrytions can be feasably broken by brute force. this doesn't even bring things like stealing keys and social engineering into play.

They've reinvented the one-time pad? (1)

Patrick May (305709) | more than 11 years ago | (#5277939)

The only unbreakable encryption is the one-time pad, used correctly. Anyone claiming otherwise is either a fool or trying to sell something to fools.

Hmm, questions... (2, Informative)

mtnharo (523610) | more than 11 years ago | (#5277940)

Anyone think there is any truth to their claims of one million bit encryption? Seems like it would take an awful long time to work with, too long to be really usefull. I thought 4096 keys for current methods were deemed strong enough for at least a few years. Hell, we just had an article about 1024 bit keys needing 1 year and/or large quantities of $$$ to break, how can they claim everything else has been broken in the last 5 years (Brute forced doesn't matter. Anything can be cracked given enough time, flawed methods = cracks without major work for many keysets), and that competing techs use only 256 bits? Hmmm... this needs some investigating. I do like the bit about the NSA wanting to prevent them from exporting(just like every non-flawed encryption system). PGP went through the same thing if I recall correctly, and there were "do not export to warnings" on IE just for having 128-bit SSL. Seems like this may be a little bit of hype and marketing to dig through.

(Congrats and Kudos to them if they pulled it off, but I remain skeptical as always until I see some full-on analysis from experts in the field, not a brochure-derived article)

old news (3, Interesting)

Anonymous Coward | more than 11 years ago | (#5277944)

heard this last year. it's a seeded one-time pad.

generating your OTP by means of an algorithm is not a good idea.

the "one million bit" is simply the length of the pad required for a one-million character message.

essentially, any pseudo-random-number generator algorithm is identical to this.

PRACTICALLY unbreakable (4, Insightful)

Anonymous Coward | more than 11 years ago | (#5277953)

Their glick is using a 1MB long key (4000 times longer than current encryption methods). They say it's going to be the strongest in the next 5-6 years.

The title "unbreakable" was created by the journalist (and it appears to have worked, they got a story in slashdod).

Unbreakable.. (1)

FungiSpunk (628460) | more than 11 years ago | (#5277957)

..my ass!
At some point the message needs to be decrypted, so that's always the weak spot, otherwise it's meaningless garbage! Amount of time and power needed to do this aside, the code has to be able to be decrypted, so all you need is the key, no matter how you obtain it, no matter how long it takes, no matter how much power is needed to get it.
This lesson in the blinding obvious brought to you by the same people who gave you "Common Sense - The ultimate RTFM to life!"

Why is this even being posted on slashdot? (1)

autopr0n (534291) | more than 11 years ago | (#5277964)

Are the slashdot editors really this ignorant? This is pure BS. Christ.

well (0)

Anonymous Coward | more than 11 years ago | (#5277965)

Read an article in a scientific magazine about using some quantum tenchniques for encryption.
Supposed to be uncrackable on the fact that if you try to look at the key(atoms) you effectly have to add energy to it and thereby changes the key.
Quite a known "law" - you influence the system if you observe it.

But this one ? I doubt it

256 Bits? I think not. (2, Interesting)

infernow (529374) | more than 11 years ago | (#5277968)

Competing solutions offer a maximum of 256 bits.

Well, with a statement like that, I have to wonder who they're competing with.

Seriously, though. Who uses a 256 bit key anymore? AFAIK, the suggested key size is at least 1024 bits.

And this won't help the problems they're addressin (2, Insightful)

Scarblac (122480) | more than 11 years ago | (#5277971)

They point at websites where credit card numbers where stolen, and say their unbreakable encryption will help there.

Well, surely those weren't encrypted, but were simply stored in some directory in unencrypted text? Almost always it's just stupid security that's the problem. Any sort of modern encryption would have been good enough, too.

And if you can't keep crackers away from your credit card numbers, why would you be able to keep them away from your 1Mb key?

My unbreakable encryption scheme! (5, Funny)

Alsee (515537) | more than 11 years ago | (#5277973)

Take input file and pipe it to dev/nul,
Take dev/random and pipe it to output file.

Guaranteed unbreakable encryption!

-

LOL "Why do we keep pronounce VME is unbreakable" (4, Funny)

accident (575230) | more than 11 years ago | (#5277979)

(grammar theirs)
When a transmission of conventional algorithm is sent, it includes an encrypted form of the actual data. Given that a hacker have enough computing power and time, any message can be deciphered. With the VME engine the case is different; the actual data is never transferred. Therefore, when intercepted by a hacker, the results will yield absolutely nothing. [source] [meganet.com]
This is so incredible I just can't read anymore.

VME was broken (5, Informative)

eddy (18759) | more than 11 years ago | (#5277987)

I haven't read the article (c'mon!) but I saw the mentions of VME, which...well... was broken [google.com] .

It's snakeoil. Just marketing, no security. Move along. Nothing to see here.

Re:VME was broken (2, Informative)

eddy (18759) | more than 11 years ago | (#5277997)

Okay, that was just the decryptor, but IIRC it was broken (found weak) also elsewhere in sci.crypt. Bruce Schneier mentions them back in 1999... in his snakeoil column.

The telltale signs of snakeoil encryption (5, Insightful)

philipsblows (180703) | more than 11 years ago | (#5278000)

From the press release or whatever that is:

Meganet Corporation's founder, Saul Backal, claims that its solution can put an end to these problems. Meganet offers a
patented non-linear data mapping technology[1], called VME (Virtual Matrix Encryption)[2], that creates exceptionally random cipher text[3] and combines it with a one million-bit key[4], which is unheard of in today's data security markets. Competing solutions offer a maximum of 256 bits[5].
"There is nothing stronger in existence,"[6] says 38-year-old Backal, a dual Israeli-U.S. citizen[7] who was a tank commander in the IDF in the Lebanon war[8]. "All other encryption methods have been compromised in the last five to six years."[9]
  • [1] A cool, wordy name for this new, fantastic technology
  • [2] An even cooler, trademark-able acronym
  • [3] Hand waving
  • [4] An excessively-large encryption key, to impress us
  • [5] A dig on current encryption key size, since smaller keys == less encrypted...
  • [6] Outlandish claim
  • [7] Mysterious lineage of the founder. Hmmmmm.
  • [8] Tank commanders. Does anyone understand encryption better than these guys?
  • [9] Article claims this one has been in development for 11+ years... see how long it takes to cryptanalyze having appeared on slashdot!

Even though this is probably bogus, the prize for breaking it looks interesting

In an attempt to prove VME's strength, Meganet began offering prizes such as a Ferrari or $1m. to anyone who could break into a VME-protected file. So far, two million people have attempted to crack the code, but none have managed.

This is the dumbest thing I've read in a long time (2, Insightful)

mlyle (148697) | more than 11 years ago | (#5278006)

One of the key metrics of a cipher's strength is how strong it is in comparison to its key size. 256 bit ciphers, if brute force is the best attack, are immune to brute force with any imaginable technology (it is hard to imagine building a machine with matter that can count to 2^256, let alone try and brute force a cipher).

Making the key huge just makes the other potential sources of compromise (compromise by bad key generation or distribution) easier. If you want a huge keystream, you might as well use a large one time pad.

I don't really see what the point is of this encryption scheme.

If your cipher is that good ... (0)

Anonymous Coward | more than 11 years ago | (#5278022)

why on earth do you need a one million-bit key to secure it?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...