Fiber cut - response in seconds?
David Barak
thegameiam at yahoo.com
Tue Jun 2 18:56:32 UTC 2009
--- On Tue, 6/2/09, Charles Wyble <charles at thewybles.com> wrote:
> David Barak wrote:
> > Encryption is insufficient - if you let someone have
> physical access for a long enough period, they'll eventually
> crack anything.
>
> Really? I don't think so. I imagine it would be much more
> dependent on the amount of computing power the attacker has
> access to. More encrypted blobs won't help. If that was the
> case then the various encryption schemes in wide use today
> would be cracked already. Bad guys can setup networks and
> blast data through it and have complete access. I don't see
> them cracking encryption.
Paranoia 101 teaches us that any given encryption approach will eventually fall before a brute-force onslaught of sufficient power and duration[1]. I'm not trying to argue that the attacker in this case could necessarily detect a flaw in the algorithm; rather, they'll get an effectively infinite number of chances to bang against it with no consequences. Once it's cracked, the attacker will *still* have the physical access which is thus compromised, and then has free access to all of the transmissions.
Physical security is a prerequisite to all of the other approaches to communication security. Those cases where physical security is presumed to be non-existant have to rely on a lot of out-of-band knowledge for any given method to be resistant to attack, and it's very hard to make use of a connection of that type for regular operations.
Pretty much all security eventually boils down to people with firearms saying "don't do that."
David Barak
Need Geek Rock? Try The Franchise:
http://www.listentothefranchise.com
More information about the NANOG
mailing list