Fiber cut - response in seconds?

Tue Jun 2 19:20:38 UTC 2009

> 
> Really? I don't think so. I imagine it would be much more dependent on
> the amount of computing power the attacker has access to. More
> encrypted
> blobs won't help. If that was the case then the various encryption
> schemes in wide use today would be cracked already. Bad guys can setup
> networks and blast data through it and have complete access. I don't
> see
> them cracking encryption.

Without getting into the math involved, Vlad (and others) are correct. This is why there is key migration (regeneration/renegotiation/repudiation) along these multi-gigabit/multi-terabit streams. 

Your obfuscation strength (I don't care how many digits you have in your key, your cipher, what have you) is computed against the amount of data you are obfuscating. If I am obfuscating 1 byte of data, my math functions do not need to be as large as obfuscating 2^128 bits. 

There are plenty of non-classified books regarding COMSEC, INFOSEC and all their related interworking bits (even COMINT, SIGINT and HUMINT). Plenty of NANOG folks have been in these communities and that is why they say things that make sense regarding physical and network security. Even if you haven't been in these groups, the non-classified books are sufficiently sophisticated as to give even a layperson a respect for the layers of security (and the discipline behind it) needed to provide even the most minimal level of protection.

The h4x0r kids who think magnets on their doorways, tin foil hats, or willy-nilly encryption using their email-exchanged PGP keys are protected are welcome to their sandbox too -- let's just keep it away from those of us who like things that provably work [most of the time ;)].

DJ