Fiber cut - response in seconds?

David Barak thegameiam at
Tue Jun 2 18:56:32 UTC 2009

--- On Tue, 6/2/09, Charles Wyble <charles at> wrote: 
> David Barak wrote:
> > Encryption is insufficient - if you let someone have
> physical access for a long enough period, they'll eventually
> crack anything. 
> Really? I don't think so. I imagine it would be much more
> dependent on the amount of computing power the attacker has
> access to. More encrypted blobs won't help. If that was the
> case then the various encryption schemes in wide use today
> would be cracked already. Bad guys can setup networks and
> blast data through it and have complete access. I don't see
> them cracking encryption.

Paranoia 101 teaches us that any given encryption approach will eventually fall before a brute-force onslaught of sufficient power and duration[1].  I'm not trying to argue that the attacker in this case could necessarily detect a flaw in the algorithm; rather, they'll get an effectively infinite number of chances to bang against it with no consequences.  Once it's cracked, the attacker will *still* have the physical access which is thus compromised, and then has free access to all of the transmissions.

Physical security is a prerequisite to all of the other approaches to communication security.  Those cases where physical security is presumed to be non-existant have to rely on a lot of out-of-band knowledge for any given method to be resistant to attack, and it's very hard to make use of a connection of that type for regular operations.

Pretty much all security eventually boils down to people with firearms saying "don't do that."

David Barak
Need Geek Rock?  Try The Franchise: 


More information about the NANOG mailing list