Provable Security (and lifehacking, Anonymous)

The crypto people have a wonderful concept called “provable security.” It’s not quite as wonderful as you’d think, since rather than proving that a given system is actually secure — few are, other than the famous One-Time Pad — it merely proves that the system is as secure as another system.

Where’s the use? Well, if you have a system whose security you’re really confident in, it’s nice to know your other brand new system is just as secure.

I wish I could think of a good equivalent in physical / human security. Sadly, the closest equivalents are ratings… but the ones I know of all relate either to “it has this many features” or “it passed these specific tests.” Compared with math, this raises the possibility that your new lock or safe will have the same rating as your old one — but suffer from a new vulnerability or easy drill point that makes it less secure.

It does, however, suggest a useful general principle: when designing a system, try to design it so that the system’s security is clearly determined by known-secure components. If there are window locks you aren’t sure about, secure them so it’s certain the door is the only way in.

Lifehacking, stuff I learned today edition:
Schumann resonance – brain waves – circa 7.8Hz
Geomagnetic waves – vegetative nervous system – circa 10kHz
“Solar” waves – cellular oscillations – circa 250MHz
Far infrared – cell nuclear oscillations – circa 10^15 Hz

Anonymous: After the USSC website was hacked, taken offline, and restored, Anonymous re-hacked it (!) by adding an “Easter egg” game of Asteroids, activated by the Konami cheat code (up, up, down, down, left, right, left, right, B, A, enter).

Anyone know a playable mirror?

(The originally promised daily redacted disclosures appear not to have materialized.

Also, certain government “cybersecurity” forces have announced they intend to quintuple in size.)

“The term ‘security proof’ is misleading in that it gives you the impression that a scheme is, well… provably secure. There aren’t many schemes that can make this claim (aside from the One-Time Pad). Most security proofs don’t say this, and that can lead to misunderstandings.

The proofs that we see in day-to-day life are more accurately referred to as security reductions. These take something (like a cryptographic scheme) and reduce its security to the hardness of some other problem — typically a mathematical problem, but sometimes even another cryptosystem.

A classic example of this is something like the RSA-PSS signature, which is unforgeable if the RSA problem is hard, or Chaum-van Heijst-Pfitzmann hashing, which reduces to the hardness of the Discrete Logarithm problem. But there are more complex examples like block cipher modes of operation, which can often be reduced to the (PRP) security of a block cipher.

So the point here is that these proofs don’t actually prove security — since the RSA problem or Discrete Log or block cipher could still be broken. What they do is allow us to generalize: instead of analyzing many different schemes, we can focus our attention on one or a small number of hard problems. In other words, it’s a different — and probably much better — way to allocate our (limited) cryptanalytic effort.”
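To make the “security reduction” idea concrete, here is an added worked example (my own illustration, not code from the quoted post or from this blog) of the Chaum-van Heijst-Pfitzmann reduction mentioned above. The reduction is constructive: whoever hands you a collision in the CHP hash has, without meaning to, handed you the discrete log of h to the base g. The parameters (p = 1019, q = 509, g = 4, and the secret exponent 123) are constructed toy values chosen so a brute-force collision search finishes instantly; the function names are mine.

```python
"""Security reduction in miniature: CHP hashing is collision-resistant
*if* the discrete logarithm problem is hard, because any collision finder
can be turned into a discrete-log solver.  All parameters are constructed
toy values for illustration only."""

P = 1019              # safe prime, P = 2*Q + 1 (constructed toy parameter)
Q = 509               # prime order of the subgroup the hash works in
G = 4                 # generator of the order-Q subgroup (a quadratic residue mod P)
SECRET_A = 123        # the discrete log we pretend not to know: H = G^SECRET_A mod P
H = pow(G, SECRET_A, P)


def chp_hash(x1: int, x2: int) -> int:
    """CHP compression function: (x1, x2) in [0, Q)^2 -> G^x1 * H^x2 mod P."""
    return (pow(G, x1, P) * pow(H, x2, P)) % P


def find_collision() -> tuple[tuple[int, int], tuple[int, int]]:
    """Stand-in for an arbitrary collision-finding adversary.  Here it is a
    plain birthday-style search over the tiny domain; the reduction below does
    not care how the collision was produced, only that one exists."""
    seen: dict[int, tuple[int, int]] = {}
    for x1 in range(Q):
        for x2 in range(Q):
            digest = chp_hash(x1, x2)
            if digest in seen:
                return seen[digest], (x1, x2)
            seen[digest] = (x1, x2)
    raise RuntimeError("no collision found (impossible: Q^2 inputs, Q outputs)")


def dlog_from_collision(pair_a: tuple[int, int], pair_b: tuple[int, int]) -> int:
    """The reduction itself.  From G^x1 * H^x2 == G^x3 * H^x4 with distinct
    inputs, and H = G^a, the exponents agree modulo Q:
        x1 + a*x2 == x3 + a*x4  (mod Q)
    so  a == (x1 - x3) * (x4 - x2)^-1  (mod Q).
    Because exponents live mod Q, x2 == x4 would force x1 == x3, so a genuine
    collision of distinct inputs always has an invertible (x4 - x2)."""
    (x1, x2), (x3, x4) = pair_a, pair_b
    if chp_hash(x1, x2) != chp_hash(x3, x4) or (x1 % Q, x2 % Q) == (x3 % Q, x4 % Q):
        raise ValueError("not a collision of distinct inputs")
    d = (x4 - x2) % Q
    if d == 0:
        raise ValueError("degenerate collision: inputs equal modulo Q")
    return ((x1 - x3) * pow(d, -1, Q)) % Q


def run_reduction() -> tuple[int, int]:
    """Returns (true secret exponent, value recovered purely from a collision)."""
    pair_a, pair_b = find_collision()
    recovered = dlog_from_collision(pair_a, pair_b)
    return SECRET_A, recovered


if __name__ == "__main__":
    secret, recovered = run_reduction()
    print(f"collision gave log_G(H) = {recovered}; actual secret = {secret}")
```

The point of the exercise is the direction of the argument: nothing here proves the hash is collision-resistant. It proves that breaking the hash is at least as hard as taking discrete logs in this group, which is exactly what the quoted passage means by reducing one scheme's security to another problem's hardness. With real-sized parameters the brute-force `find_collision` would never finish; the reduction, `dlog_from_collision`, stays a handful of modular operations regardless of size.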
