this post was submitted on 30 Sep 2023
1094 points (98.8% liked)

Open Source

31374 readers
82 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] jasory@programming.dev 2 points 1 year ago (1 children)

Encryption only works if certain parties can't decrypt it. Strong encryption means that the parties are everyone except the intended recipient, weak encryption still works even if 1 percent of the eavesdroppers can decrypt it.

[–] Lionir@beehaw.org 2 points 1 year ago (1 children)

I mean, I don't understand the point of an encryption that people can decrypt without it being intended. Just seems like theatre to me.

But yeah, obviously the intended parties have to be able to decrypt it. I messed up in my wording.

[–] jasory@programming.dev 1 points 1 year ago

You realise that most encryption can be decrypted by third-party? Many cryptography libraries have huge flaws, even the Handbook of Applied Cryptography was encouraging using Damgard et al's parameters for prime selection even though the original authors never claimed the accuracy that others assumed (without basis). Even now, can you guess how many cryptography libraries would be broken if someone found a BPSW pseudoprime? And we have arguments that they probably exist, but crypto developers just ignore it either out of ignorance or laziness.

In summary, it's all theatre, you just want to deny access to enough parties that it makes you comfortable.