New Quantum Cryptography Speed Record 221
Roland Piquepaille writes "Physicists from the National Institute of Standards and Technology (NIST) have established a world's speed record for 'unbreakable' encryption with their cryptographic system based on the transmission of single photons. With this kind of method, messages cannot be intercepted without detection, meaning transmission is always safe. The NIST 'quantum key distribution' (QKD) system was used between two buildings located 730 meters apart for transmitting a stream of photons at a rate of 1 million bits per second. While it might not look very fast, its 100 times faster than with previous quantum distribution systems. This overview contains more details and references about information theory."
Always? (Score:4, Insightful)
Always is a powerful word. Nothing is totally secure.
Re:Always? (Score:5, Insightful)
Ya cannae change the laws of physics
- Scotty, Chief Engineer
QC and evesdropping (Score:4, Interesting)
Granted, it's only a single bit, but it might be the most important bit of the message.
More seriously, depending on the protocol, the evesdropper may be able to intercept many bits before the intrusion is detected.
For example, if TCP/IP is implemented over the QC stream, the intruder may be able to get an entire packet before the receiver sends a "Stop; we're being evesdropped!" message back to the transmitter.
(Maybe more, with TCP/IP's sliding window.)
If the entire message fits in one packet ("Attack at dawn."), then the message has been compromised.
One way to avoid this would be to use a comm layer lower than TCP/IP that ACKs each bit, but this could be slow.
Another way would be to use the QC channel to exchange very large keys, then use them in another encryption layer if eavesdropping has not occured during key exchange.
Re:QC and evesdropping (Score:5, Funny)
Then again, the enemy would know that you knew he was eavesdropping, so he might anticipate that...
Somehow, this reminds me of Vizzini.
Re:QC and evesdropping (Score:4, Informative)
(1) Sender generates long random key
(2) Sender transmits key
(3) Receiver receives key
(4) Received acks that the key has been received securely
(4A) Design of a secure "ack" channel is an interesting question, don't know the answer for that off the top of my head!
(5) Sender computes (message XOR key)
(6) Sender transmits (message XOR key)
(7) Receiver receives (message XOR key)
(8) Receives computes ((message XOR key) XOR key) == message
Re:QC and evesdropping (Score:5, Interesting)
1) Alice generates a random number of bits.
2) Bob generates a random number of bits.
3) Alice sends bits sequence to Bob, and Bob reads them, noting the place where both are equal.
4) Bob tells Alice every place the bits are equal, over a CLASSICAL channel.
NOTE:
This is the part that needs understanding. The proof that you cannot evesdrop is as follow:
4a)If the bit that Alice sent is the same as Bob, but was intercepted at 3), Bob will see it as different, so the bit will be discarded.
4b)If the bit that Alice sent isn't the same as Bob, but was intercepted at 3), Bob will register it as the same and will try to use it. See 5).
5) Alice and Bob test a couple of bits to check the integrity, over a CLASSICAL channel. This is the critical part, you need a big enough sample to prove that it is equal, but not too big so that the attacker knows too much about the key. The sample needed isn't actually that big. If you have one bit wrong, it was eavesdropped or corrupted along the way. If you do not detect any wrong bit, it means that the attacker doesn't have much information about the key, if at all. If 4b) happened, this part will detect those 'bad bits' with accuracy.
6) Alice encrypt the message with the key and sends it to Bob as if it wasa one-time pad.
If you want more info about quantum computing, see a introduction by one of the forefathers of quantum computing, Gilles Brassard, who I had the joy to have a class with.
http://www.iro.umontreal.ca/~brassard/SSGRR.htm
Re:QC and evesdropping (Score:5, Informative)
No, no, no, no. All you're sending is the key. If the key is compromised, all you have to do is throw that key away and send another key. No actual data from the message is sent. Once the key is received, and you know it hasn't been comprimised, you can send the encrypted data through any unsecure channel you like at any speed. You could cache the keys in advance so the transmission can be unaffected by a DOS attack on the quantum transmission.
Re:QC and evesdropping (Score:2)
Re:QC and evesdropping (Score:3, Informative)
Re:QC and evesdropping (Score:2)
Re:QC and evesdropping (Score:2)
Actually you use quantum crypto to exchange key material. It's just meaningless random data at that point. You run the evesdropping detection protocol before you send any real data. The attacker may get a few bits of the key undetectably, but with a strong cipher that won't help him much.
Quantum crypto is a solution looking for a problem. It's only advantage over conventional methods
Re:Always? The Copenhagen interpretation... (Score:5, Funny)
Perhaps when somebody eavesdrops, a cat is killed?
Or does the universe split in two, one in which the eavesdrop has occured, and one in which it has not?
Re:Always? (Score:2)
Someone further down the list suggested that a timestamp system is also used, and someone else suggested that it uses parity share over some other protocol (i.e. two connections).
I should have read the artile, instead of scanning it, but clarification would be helpfu
Re:Always? (Score:3, Insightful)
Feel free to look into the past 2-3 weeks of
Re:Always? (Score:3, Interesting)
Actually, quantum crypto is not "provably secure" anymore than standard cryptography.
QC relies on the ability to emit photons, and to known probability distribution
Re:Always? (Score:4, Insightful)
This is total nonsense. Are you a cryptographer afraid to loose your job, with no physical background? Then please read the article before you respond.
I agree that the text and title posted to Slashdot is kind of misleading. All this QC does is making a channel on which eavesdropping impossible, without detection. Point. And it is.
This has actually nothing to do with crypto (you can breathe again, your salary is safe), it can be used as a nice method for key exchange in a crypto -solution. The solution in total can be hacked (do something nasty on the sending or receiving end, but the transmission cannot be listened to undetected.
Re:Always? (Score:2)
Please read my post and understand the topic before responding. It wouldn't seem like nonsense to you if you did.
I agree that the text and title posted to Slashdot is kind of misleading. All this QC does is making a channel on which eavesdropping impossible, without detection. Point. And it is.
No it's not. That's what I was explaining.
In order to b
Re:Always? (Score:2)
My bad. Though you were the other guy, sorry.
This is not going to be a discussion about semantics, is it? If I can push the probability below mere guessing, many people would call it "secure". Not in a mathematical sense, of course.
See, but I am talking in a mathematical sense. QC is neat, but I too often hear: "Unlike conventional crypto, QC in unbreakable/provably secure/etc."
The reality is, there a trade off between probability of undetected intercept, probability of false alarm, an
Re:Always? (Score:2)
Re:Always? (Score:2)
Re:Always? (Score:2, Informative)
Re:Always? (Score:3, Insightful)
Re:Always? (Score:2)
always is a very strong word if your basic assumptions are wrong from the beginning. i have not seen the proof that qc is so safe as they say it is...though i would like to.
"Always" and other key issues (Score:2)
By your logic there are no rules which "always" applies. Noone can claim correctness on anything.
You fail to see that the assumption that something was correct (as in correct enough) is what has driven science further, by alloving new and more correct truths to be established, and bringing humans away from myths and into a more scientific mindset.
But you are right. We are now such am evovled species that's lets ban the word "always" out of any known languages imidiatly. After all there is no legitema
Re:Always? (Score:2)
Re:Always? (Score:2, Insightful)
How about if I said, "With this kind of armored vehicle, passengers cannot be intercepted without detection, meaning transport is always safe." Now, the fallacy should be a bit easier to spot.
The passengers are not really safe at all, in fact they might be D.O.A., or maybe they just got interrogated along the way, or perhaps they were replaced by pod replicants. Whatever, if they were carry
Re:Always? (Score:2)
You're not sending the passengers, you're sending a bunch of suicide messengers with the magic password to open the impenitrable armor of the vehicle around their neck. If anyone comes into contact with the suicide messenger, they explode, destroying the information. You know someone tampered with your messengers because they show up dead. If that happens, you just change the pass
Re:Always? (Score:2, Insightful)
A better statement would be: "undetected eavesdropping on this quantum channel would require finding a physical situation that does not conform to the Schroedinger Equation". Instead of saying "X cannot be broken", one can say "X is at least as strong as Y", where Y is well-known to be very strong.
Re:Always? (Score:2)
Then you need to read up on quantum cryptography.
An attacker may be able to intercept a bit or two out of the message but because these are single photons if you intercept one it will be obvious that someone has intercepted the photon.
Because you can never be 100% sure of the position of the photon it would take a fair bit of trial and error just to intercept one and all of those other photons that you blocked in your attempt to catch one will be miss
Nothing that haven't been done before (Score:2, Funny)
(it's a joke)
Re:Nothing that haven't been done before (Score:5, Funny)
Nah, it's like morse code, only if you look at what you receive the probability wave collapses and the cat dies. This means quantum cryptography uses up a heck of a lot of cats, and this is why there's a limit on its practical usability and speed in the real world...
*cough*
A little star trek humor (Score:3, Funny)
[Scotty] I can't sir, the bloody computer's still encrypting a message to my girlfriend - I got no power!
[Romulans] b4w h4w h4w w3 0wnz j00!
[Kirk] W3 b3 0wn3d!
Hmmm (Score:2)
in KB/s (Score:5, Informative)
125,000
Not to bad for not using wireless undetectable (so far) encryption.
Re:in KB/s (Score:2)
1,000,000 / 10 = 100,000
100,000/1024 = 97.65
Still not bad...
Re:in KB/s (Score:2)
Man in the Middle? (Score:4, Insightful)
While Quantum physics certainly allows for scientific detection of observation (which would help you detect if someone is merely viewing your stream)
However, with all technology, this could be a common pocket-sized device some-day. So, would this not also fall under the problem of Man-in-the middle attacks? Read the quantum stream (eliminating the existance of said stream), and recreate the stream to the other point. This would create a delay, but without other forms of detection, it would not necessarily be as safe as wires... (as wires, at least, can be physically secuired. Hard to secure open air).
Re:Man in the Middle? (Score:5, Insightful)
-Cyc
Re:Man in the Middle? (Score:3, Informative)
Re:Man in the Middle? (Score:2)
What's stopping C from pretending to be B. If B can send back to A the parity bits without looking at them, so can C. A will say "Phew thank god that didn't get intercepted" (although B never received it at this point).
If C has the data i
Re:Man in the Middle? (Score:2)
(why I am I replying to an AC anyways?)
Doesn't work that way in QC... The key is built out of the data that Alice transmits to Bob - but the key itself is never transmit
The reason the man-in-the-middle attack fails (Score:3, Interesting)
Newtonian = struct; Quantum = object-oriented (Score:3, Interesting)
Quantum Cryptography: Privacy Through Uncertainty [csa.com]
Here's how I think about it as a computer programmer. Newtonian+Maxwell physics are like C data structures, where every member is public, and an experimenter can 'get' and 'set' arbitrary values. But quantum objects are like O-O objects: the internals are private; the objects have methods; and you can only use the methods; and there are no raw "set" an
Re:Newtonian = struct; Quantum = object-oriented (Score:2)
A detector is a physical object that interacts with the target object. For example, if you want to measure how long something is, you lay it next to a ruler and look at it. However, to see the object next to the ruler, light must be coming off it, which means that light must be interacting with it.
Think of how you would measure the speed of a bullet: with a series of cameras, maybe. The only way the cameras can see the bullet is if photons are bouncing off the bullet, knocking the bu
Re:Newtonian = struct; Quantum = object-oriented (Score:3, Informative)
Put it this way: suppose you had a bunch of position detectors, and a bunch of momentum detectors, and you combined them somehow. Do you think you could beat the Heisenberg Uncertainty Principle that way? I doubt it.
It's like trying to build a perpetual mo
Re:Man in the Middle? (Score:2, Informative)
"Compared to previously described QKD systems, the major difference in the NIST system is the way it identifies a photon from the sender among a large number of photons from other sources, such as the sun. To make this distinction, scientists time-stamp the QKD photons, then look for them only when one is expected to arrive."
Replaying the stream later (even _if_ it was possible) would make it arrive at the WRONG TIME. Hence, the stream was messed with.
Re:Man in the Middle? (Score:2, Informative)
Compared to previously described QKD systems, the major difference in the NIST system is the way it identifies a photon from the sender among a large number of photons from other sources, such as the sun. To make this distinction, scientists time-stamp the QKD photons, then look for them only when one is expected to arrive. "To be effective, this observation time has to be very short," says NIST physicist Joshua Bienfang. "But the more often you can make these very brief observations, t
Re:Man in the Middle? (Score:3, Insightful)
The way to avoid the man-in-the-middle has to do with the filters for the photons. It is confusing in the code, but easier to understand from a completely fabricated example.
First, you need to understand that photons are becoming 1 and 0 based on spin. That spin is aligned so that 1 is 90 degrees off of 0. The filters have to be aligned as well (sure makes portable devices hard, but I'm sure we'll figure that out later). A
Re:Man in the Middle? (Score:2)
> of Man-in-the middle attacks?
No, not unless there is something fundamentally wrong with the implementation. If the stream is eavesdropped, that OTP/key is discarded. Read the article for how QM helps to ensure this assumption.
That said, it should be obvious that this scheme is potentially vulnerable to DoS attacks. Just keep eavesdropping, and the sneaky bastards using QKD can't exchange keys.
Re:Man in the Middle? (Score:2)
Re:Man in the Middle? (Score:2)
So, if I interpret this correctly - it's set up more like Kerberos, with a Quantum twist.
**YAWN** (Score:4, Funny)
Re:**YAWN** (Score:2)
If it went faster than the speed of light, it would also be going faster than the speed of time. That would cause quite a bit of technical difficulties on the receiving end.
Re:**YAWN** (Score:3, Funny)
Speed is defined in physics as "Distance traveled divided by the time of travel" [reference.com], so that would make time a derivative of it's self?
Re:**YAWN** (Score:2)
Re:**YAWN** (Score:3, Informative)
You stopped pasting the definition at a crucial point. Here is where you left off from your own reference link::
The limit of this quotient as the time of travel becomes vanishingly small; the first derivative of distance with respect to time.
Re:**YAWN** (Score:2)
Re:**YAWN** (Score:2)
Ok, let's not define speed in terms relative to time. We'll take time out of the equation.
But wait, we can't do that. Speed doesn't exist without time. On top of that, time isn't a constant.
Here is more information:
http://en.wikipedia.org/wiki/General_relativity [wikipedia.org]
Re:**YAWN** (Score:2)
Quite right, and my point exactly. You therefore cannot measure the "speed of time" That would be absurd.
Re:**YAWN** (Score:2)
That would be absurd if I mentioned measuring the speed of time. But of course, I said nothing about that.
Re:**YAWN** (Score:2)
Your words, not mine.
Re:**YAWN** (Score:2)
Yes, those were my words. 'Faster' is not a measurement.
It's possible that my use of 'faster' in that context accidentally implied measurement, but I assure you that was not my intention.
No smoke, but actual fire (Score:2)
This is the theory of relativety in practice boy.
A quick, but probably inacurate description:
If this doesn't help, maybe relativety-physics wasn't intended for
Re:No smoke, but actual fire (Score:2)
If you are interested in the mechanics of quantum physics and the separation of locality and time, I suggest you read up on the Einstein-Podolsky-Rosen Paradox [wikipedia.org]
Re:**YAWN** (Score:2)
> Speed of time? Excuse me, but can I get some of what you're smoking? How would you define a concept like that?
You're right; "speed of time" is nonsense.
Maybe he's trying to say is that object's world line would become space-like rather than time-like. (Which is true.) Mathematical definition here [wolfram.com]. Some information ab
Re:**YAWN** (Score:2)
One small cravat though - the key is random so there is little use for faster than light meaningful communication.
Re:**YAWN** (Score:2)
Wouldn't this make DOS easier though? (Score:5, Insightful)
Re:Wouldn't this make DOS easier though? (Score:5, Interesting)
tm
Re:Wouldn't this make DOS easier though? (Score:2)
Re:Wouldn't this make DOS easier though? (Score:2)
Re:Wouldn't this make DOS easier though? (Score:2)
Re:Wouldn't this make DOS easier though? (Score:5, Informative)
The basics are like this. Small particles ( like photons of light ) have a property called spin. You can set the spin of a particle when you transmit it by using the right kind of gear. You can test the spin of the particle in several different ways, but not all spins can be detected correctly by all tests. So if you have no idea what the spins are, you can't know which test to use. So if you use a random sequence of tests, you will sometimes have the right test, and sometimes not. So to transmit information, our protocol works like this ( taken from "The Code Book" by Simon Singh, p.346-7 ):
1) Alice sends Bob a series of photons, and Bob measures them.
2) Alice tells Bob on which occasions he measured them in the correct way. Although Alice is telling Bob when he made the correct measurement, she is not telling him what the correct result should have been, so this conversation can be tapped without any risk to security ).
3) Alice and Bob discard the measurements that Bob made incorrectly, and concentrate on those that he made correctly in order to create an identical pair of onetime pads.
4) Alice and Bob test the integrity of their onetime pads by testing a few of the digits.
5) If the verification procedure is satisfactory, they can use the onetime pad to encrypt a message; if the verification reveals errors, they know that the photons were being tapped by Eve, and they need to start all over again.
It is true that Eve could listen in on the line, intercepting photons sent by Alice and try to recreate the same stream of photons to Bob with the same spins. However, she can only use a test once, she can't copy a photon and test it using several different tests. So she will inevitably use the wrong test on a number of photons, and so not know what the true spin ought to be, and so can't reproduce them. She also can't know what series of tests Bob will use to test the photons he is receiving. So inevitably what would happen is this: Eve uses the wrong test on some photons, doesn't know what their spins ought to be, sends out some with different spins; Bob however uses the correct tests on some of those photons that Eve "made up", but gets different results from Alice ( because some of the spins are different from what Alice originall sent ), so when they compare results it becomes obvious that they don't have the same sequence of results. Furthermore, Eve can't know where the errors are going to come up and how she should fix them, so she couldn't intervene successfully in this verification step to make it seem correct when its not.
Long story short - you can't make a successful repeater ( down side to this is you can't use any network for transmitting the photons, as a network necessarily involves repeaters - aka routers/gateways - you must have a direct line from sender to receiver so the photons don't get altered ).
MOD PARENT UP! (Score:2)
The long story short is that, quantum encryption is used to create a key. It is proven, due to the quantum properties and the algo that corvi posted above, that the key CANNOT be intercepted. At worst, it will fail, until you're able to suceed in creating a key.
So, a spy can ONLY prevent you from exchanging a key with someone, he can never intercept the actual key. So he's not really as much a spy as a roadblock.
Bob and Alice and ... Eve? (Score:2, Informative)
As has been elucidated elsewhere here, the physical nature of QC prevents eavesdropping because of the nature of quantum mechanics. Traditional cryptography is based on bits, as you are no doubt aware; bits exist in purely binary format.
Quantum bits, or qubits, on the other hand, are physical photons, not binary data, and as such, they exist in several states at once; you might have a single qubit that is right circularly polarized, or left vertically polarized.
Encryption error! (Score:4, Funny)
Obligatory Futurama quote! (Score:5, Funny)
heheh
World Record? (Score:2, Funny)
fckil eht ghtlis fi uyo gte thsi !
Unless you are talking one-time pads.... (Score:5, Interesting)
I realize I'm being painfully pendantic here, but when the self-proclaimed nerds start abusing a term, the general public is going to be hopelessly confused. (Think the whole hacker/cracker thing...)
Quantum key exchange is unbeleivably cool, but doesn't guanentee secure crypto. It just takes one of the weakest links in the chain, and makes it the strongest.
But it's fast enough now. (Score:2)
Re:But it's fast enough now. (Score:2)
One of the hallmarks of cryptography is that it is medium independant. If I encrypt something, I can print the output on paper, copy it to a floppy, etc and the security isn't weakened. With a simple secure channel, I lose all my protection as soon as the message stops being photons
Re:Unless you are talking one-time pads.... (Score:2)
Of course they're talking one-time pads... ;-)
Re:Unless you are talking one-time pads.... (Score:2)
Crypto thinking in the past has been that if your cryptosystem is strong enough, you can tolerate key exchange over insecure channels. What many people don't realize is that with perfectly secure key exchange, you
Re:Unless you are talking one-time pads.... (Score:2)
Re:Unless you are talking one-time pads.... (Score:2)
Quantum Encryption allows you to exchange a key in TOTAL security. Not just theorically, total security(this is the strongest possible). No one can eavesdrop the key. If they do, they will, at most(if they eavesdrop every 'packet'), prevent you from exchanging a key, in which case you can try again until you succed. If you succeed in exchanging a key, the eavesdropper CANNOT know, due to the algorithm and
Hang on... (Score:5, Funny)
Can it help me download pr0n faster or not?
Re:Hang on... (Score:2)
Implications for the Government? (Score:5, Interesting)
*(yeah, yeah, your favourite open source encryption is unbreakable, I know, but come on, the government isn't going to enter any 'break this encryption' contests to show what a kewl ha>or it is and thereby advertise the fact that communications using said encryption are not actually secure, is it?)
However, with unbreakable encryption they can no longer just spend money until they are able to break it - it's actually impossible, they can't even intercept it. So it changes the situation in a quite fundamental way. Whether it's someone violating copyright between quantum encrypted locations, just talking without being eavesdropped on (you know, exercising their rights), or Osama and his friends planning the next September 11, it will be impossible to work out the contents of a communication.
I feel that over the middle-term this will lead to some or all of the following government responses:
- stronger laws allowing seizure of computers (i.e. the start and end points of an encrypted communication)
- even stronger laws about exporting or possibly even publishing information about this type of encryption 'in the national interest'
- laws requiring the divulging of passwords to law enforcement/intelligence officers with harsh penalties for a refusal to cooperate (this is already the case in some places I believe)
- possibly a lower standard of proof required before police/spies can act to exercise the above powers, in light of the difficulties they will have getting any evidence at all about encrypted communications
- an increase in 'why are you using encryption, are you a terrorist/communist/thought criminal or something' type rhetoric
What do others think? Does this really change the privacy landscape over the next 10-20 years? Will governments react regressively in the ways I suggest? How should pro-privacy people respond and fight such changes?
Re:Implications for the Government? (Score:4, Insightful)
Pardon? The known encryption algorithms are insecure because the government doesn't say it can't break them? Reminds me of a little story where a man claps his hands to get rid of elephants in his house. The proof that it works? There are no elephants in his house.
Also it seems strange to imply that Schneier et al are just a bunch of idiots.
Re:Implications for the Government? (Score:2)
AFAIK, all the QC machines are point-to-point devices, and I don't see any obvious way to make relays and gateways out of them. So it's not like you can do QC-over-IP tunnels. And with point-to-point devices, the government can do traffic analysis (if you're talking Mohammad Atta's ex-roommate regularly, who cares what you're saying, you get heightened surveillance and maybe disappear without trial for interrogation).
There are already pl
What about keyloggers and stuff? (Score:5, Insightful)
Especially these days with worms and trojans affecting even the most _secure_ environments (*bad memories about some american nuclear power plant*). You can expect someone somewhere to get some spyware or keylogging-thingie onto a sender or reviever's system. (or sometimes even enough with just getting it onto the network on each end in question.)
I recall visiting a webshop somewhere who sold a small (read less than half an inch) plug, which you put in between the keyboard and the comp, which could log several megs of typed in text. Later it's just to harvest
Maybe I'm just paranoid, but if you can't trust your coworkers 130% in these cases, you're still toast unless you put the machine (and yourself) in a vault and throw away the key.
Re:What about keyloggers and stuff? (Score:2)
However, yes, you could read the actual message before it is encrypted(check over your cowo
the weakest link in the chain (Score:5, Insightful)
while it's true that cryptography like this improves security, those encrypted messages are still transmitted between people, and people are not corruption-proof.
Original article (Score:4, Informative)
Aaahhh! and it runs Linux. Mod me up.
("We are currently using a Linux operating system with custom drivers for the boards.")
Re: Original article (Score:2, Interesting)
First Proven Useful Application? (Score:3, Interesting)
This just in (Score:2)
-psy
Re:This just in (Score:2)
I understand entanglement, mainly thanks to "Entanglement" by Amir. D. Aczel...decent book for those wanting to understand quantum mechanics without reading anything too dry.
-psy
The fine print (Score:2)
Everything Can Be Hacked (Score:3, Interesting)
Hacker Rule #1: Everything can be hacked.
The Quantum Man In The Middle
To prevent the man-in-the-middle attack where a photon is intercepted and an identical photon is transmitted in its place, the sender and receiver rely on a very tight window in time. Any photons received outside that window are rejected. If you want to grab the quantum secured key, why not put a receiver in the middle that emits a quantum entangled photon? You intercept the sender's photon, and once you know its state you can change the state of the captured photon so its entangled twin has the same quantum state as the intercepted photon, and arrives at the correct time. You essentially use quantum entanglement to change the state of the imposter photon while it's in transit.
Quantum Brute Force
Quantum computing is emerging almost as fast as "quantum cryptography" (actually "quantum tamper resistant key transmission"). In the near future a good quantum computer will be fast enough to quickly break today's strong encryption. This is the same old game of making sure encryption is just strong enough that commercial users can't crack it but governments can. It's a moving target. Make your own VERY secure encryption algorithm that jumps fifty years down the path of Moore's Law. Add 32 bits to your key and you're secure. That'll piss off your government. So will tying up several hours on their massive supercomputers to learn that you used your favorite commercial encryption algorithm to send your grandmother's cream candy recipe to an internet cafe in South Africa. I'd never do that, but I'd be very tempted to send The Constitution and The Bill of Rights.