The Orion's Arm Universe Project Forums





Random Number Generators from Smartphones
#1
They couldn't have come at a better time, too.

https://medium.com/the-physics-arxiv-blog/602f88552b64

Not even a Tipler Oracle could decrypt communication based in one-time pads.
Reply
#2
It would not take a Tipler Oracle to subvert the camera firmware ;-)

Quote:A quantum random number generator that works at 1 Mbps can also secure emails and even phone calls.

That doesn't even make sense. Generating a flood of random numbers is no good unless you can share it with message recipients securely. This is why one-time pads are created ahead of time and shared in a face-to-face meeting. Given the need to generate the numbers offline, speed is of secondary importance.
Reply
#3
(05-10-2014, 06:03 PM)Ithuriel Wrote: It would not take a Tipler Oracle to subvert the camera firmware ;-)

True, but in OA people can be subverted, so keep your hardware close.

(05-10-2014, 06:03 PM)Ithuriel Wrote: That doesn't even make sense. Generating a flood of random numbers is no good unless you can share it with message recipients securely. This is why one-time pads are created ahead of time and shared in a face-to-face meeting. Given the need to generate the numbers offline, speed is of secondary importance.

I think that's talking about keys, not pads. Random numbers can be used for both.
Keys can be securely transmitted using quantum key distribution.

If you have a quantum secure channel, you could also transmit arbitrarily large one-time pads that could then later be used for, e.g., cellphone communication.
Reply
#4
(05-11-2014, 06:40 AM)JohnnyYesterday Wrote: True, but in OA people can be subverted, so keep your hardware close.
Anders mentioned this in his recent paper. The current reality of computer security is that 'the attacker always wins'; that is, no matter how good your security is, in due course someone will find a loophole, no matter how trivial. Presumably that wouldn't be true of transapientech security - unless it were attacked by a higher toposophic entity.

Since humans and human derived beings will routinely employ significant amounts of software and hardware in their sphere of consciousness, they could be hacked directly, unless some reliable system could protect them almost all of the time.

Virtual sophonts would be in even worse peril, of course. Anders suggests some 'guard entities', isolated from internet connections, might be reliable enough to protect virtual sophonts and their substrates against attack. It might be a boring life, being a virtual gatekeeper, if you can't connect to the 'net.
Reply
#5
(05-11-2014, 06:40 AM)JohnnyYesterday Wrote: I think that's talking about keys, not pads. Random numbers can be used for both.
Keys can be securely transmitted using quantum key distribution.

If you need multi-million-bit keys, you might be reasonably said to be Doing It Wrong. You only need that much material for one time pads.

Asymmetric encryption algorithms that are not vulnerable to quantum computers appear to be plausible (look up multivariate polynomial encryption). Even in OA, these sorts of things would be resistant to brute force attacks by mid level transapients without needing million-bit keys.

(05-11-2014, 06:40 AM)JohnnyYesterday Wrote: If you have a quantum secure channel, you could also transmit arbitrarily large one-time pads that could then later be used for, e.g., cellphone communication.

Quantum communication channels are not a panacea. In the absense of a dedicated fibre optic or line-of-sight optical link connecting you with each person you wish to share a key with, you are potentially vulnerable to a man-in-the-middle attack.

(05-11-2014, 09:56 AM)stevebowers Wrote: Anders mentioned this in his recent paper. The current reality of computer security is that 'the attacker always wins'; that is, no matter how good your security is, in due course someone will find a loophole, no matter how trivial. Presumably that wouldn't be true of transapientech security - unless it were attacked by a higher toposophic entity.

There comes a point at which certain kinds of security flaw become unlikely. Formally proving the soundness of an AI is probably impractical, but building a sound toolchain that is provably correct sounds like the sort of thing a hyperturing would do for its own peace of mind, if nothing else.

By the time you're dealing with hyperintelligent security agents, all hacking is effectively social engineering (or memetics, of you'd prefer) or physical intrusion into their computing substrate (which can be made impractical for most attackers).

(05-11-2014, 09:56 AM)stevebowers Wrote: Anders suggests some 'guard entities', isolated from internet connections, might be reliable enough to protect virtual sophonts and their substrates against attack. It might be a boring life, being a virtual gatekeeper, if you can't connect to the 'net.

Unless you weren't designed with any sort of capacity for boredom, of course ;-) And, y'know, some people like voyeurism.

Building a perfectly isolated security system isn't possible, of course... it needs to be able to observe the mind state or communication of its charge, and that channel represents a means of attack.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)