Conventional Security

Symmetric encryption uses complex patterns of substitution and transpositions. For the best of these currently in use, it is not known whether there can be a cryptanalytic procedure that can reverse (or partially reverse) these transformations without knowing the key used during encryption. Asymmetric encryption algorithms depend on mathematical problems that are thought to be difficult to solve, such as integer factorization and discrete logarithms. However, there is no proof that these problems are hard, and a mathematical or computational breakthrough could make existing systems (and already encrypted data) weak or vulnerable.

For example, a former U.S. government Data Encryption Standard (DES) encryption algorithm, was first officially broken in 1997, followed by a more efficient break in 1999 that allowed obtaining plaintext in just 22 hours. It is believed that certain DES vulnerabilities were known well before. In 1977, Diffie and Hellman proposed a machine, which could find a DES key in a single day. By 1993, M. J. Wiener had proposed a key-search machine, which would find a key within 7 hours. There is more evidence suggesting that modern commercial encryption, especially asymmetric cryptography, is vulnerable to sophisticated attacks, attacks that can be carried out by actors with significant resources and access to sophisticated technology.

Given perfect secrecy, in contrast to conventional encryption, One-time Pad is immune even to brute-force attacks. Trying all keys simply yields all plaintexts, all equally likely to be the actual plaintext. Even with known plaintext, like part of the message being known, brute-force attacks cannot be used, since an attacker is unable to gain any information about the parts of the key needed to decrypt the rest of the message. Other symmetric encryption, having a part of the message in cipher and plain texts, may lead to obtaining an encryption key that can be used to decrypt the rest of the encrypted message. Properly used One-time Pad is secure in this sense even against adversaries with infinite computational power and infinite time.



Secure Communication Solutions

Customers must be qualified to use SECROM. Certain products and services are only available to U.S. Persons, as defined in the International Traffic in Arms Regulations. Qualifications are subject to change without notice. Other limitations apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.

Copyright © 2016 SECROM. All Rights Reserved.

Go to top