Jump to content

Talk:Strong cryptography

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Dimawik (talk | contribs) at 21:15, 27 June 2023 (Differences wrt Security level: Reply). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
WikiProject iconCryptography: Computer science
WikiProject iconThis article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography
???This article has not yet received a rating on the importance scale.
Taskforce icon
This article is supported by WikiProject Computer science.

Russian ban?

Does Russia really has banned using of strong crypto? Where is the source of that info?! — Preceding unsigned comment added by 213.85.50.2 (talkcontribs)

oppose merger w/ cryptographically strong

Strong cryptography is a noun, referring to any of a semi-mythical group of cryptosytems which are especially hard (or even impossible) to break. Cryptographically strong is a related adjective which applies to various cryptographic entities such as algorithms, protocols, and even cryptosystems. These are not the same concepts, though related. Putting them in the same article will induce confusion in the mind of many Average Readers (who are confronting a twisty subject anyway) and this should be avoided. Parsimony is an admirable thing, but not when it increases the opportunity for confusion. ww 21:19, 8 August 2006 (UTC)[reply]

Differences wrt Security level

Note that Security level formally defines the cipher strength. The lead of this article should explain the difference (if none, a merge should be discussed) and explicitly point to the Security level article. Based on the sources, this seems to be an article about a legal definition. Comments are hereby solicited, especially from @Maxal, Alexander Davronov, and ArnoldReinhold: Dimawik (talk) 19:14, 23 June 2023 (UTC)[reply]

Tried to improve. Note that the lead still contains a paragraph (starting with "Demonstrating the resistance") that has no cites, and, while technically correct, has little to do with the subject of the article. My proposal is to delete it entirely. Dimawik (talk) 09:21, 24 June 2023 (UTC)[reply]
This article is more about a cybersecurity context of cryptography rather than about its technical definition. Personally I only wrote a part on the Russian law. I didn't edit the rest of the article. AXONOV (talk) 10:12, 25 June 2023 (UTC)[reply]
Thank you for a quick reaction. Still, it does not seem that the subject has any connections to, say, social engineering or password cracking, so it is related to hard knowledge. Am I correct? Dimawik (talk) 19:23, 25 June 2023 (UTC)[reply]
Fixed my reply's grammar. What do you mean by the "hard knoledge"? AXONOV (talk) 19:27, 25 June 2023 (UTC)[reply]
I coined this by analogy with hard skills / soft skills demarcation. The solution to password cracking, for example, is outside of the algorithmic arena: the education of the users and/or business decision to use alternative means of authentication can help (both do not require any knowledge of cryptography, and are based mostly on common sense, thus the "soft" label). The subject of this article, on the other hand, belongs to the intersection of technical/government policy intersection and involves understanding of the laws - and some general ideas of the current and future state of codebreaking. In my opinion, the strong encryption is the encryption that, at a given time, is unbreakable if properly used, is a major impediment to surveillance, and therefore frequently regulated. Dimawik (talk) 19:44, 25 June 2023 (UTC)[reply]

My understanding of strong cryptography is security systems that use or attempt to use the best available cryptographic primitives, as opposed to systems whose security is limited by restrictions on key length, built in weaknesses or back doors or other restrictions mandated by laws or regulations. Examples include the Clipper Chip, export controls and recent demands that tech companies allow authorities to inspect messages for child pornography.—agr (talk) 16:17, 27 June 2023 (UTC)[reply]

I almost 100% agree with you (almost, because - being outside the walls of the security agencies - we do not quite know what the state of the art is). I tried to shape the lead in the direction "strong one is impossible for a three-letter agency to mathematically crack if no blunders were made in implementation or use, weak one complicates the life of an aspiring hacker kid, but not too much - and definitely not for long", but the sources I had chosen made me to write what I have written. I would very welcome any sources that point to your definition as I understand it: strong cryptography is not the weak one, with the latter defined as intentionally crippled by the government regulations. Dimawik (talk) 21:15, 27 June 2023 (UTC)[reply]
Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:Strong_cryptography&oldid=1162240666"