Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page rank your "uncrackable" software protection
Register Forum Rules FAQ Calendar Mark Forums Read

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 04-25-2013, 22:11
mcp mcp is offline
Friend
  
Join Date: Dec 2011
Posts: 73
Rept. Given: 4
Rept. Rcvd 12 Times in 11 Posts
Thanks Given: 7
Thanks Rcvd at 47 Times in 35 Posts
mcp Reputation: 12
Quote:
You can not proof it because nobody knows which attacks appear tomorrow. Just suppose in 10 years quantum computers appear. And almost all current crypto would be trash.
Years ago DES looks uncrackable. Nowadays it is weak.
The same to RSA. Ten years ago RSA-512 was strong. Now it is weak.
Could you make the RSA less or equal to 512 bits which we can not crack? Sure, you cant. Most algos add more rounds to be stronger or increase key sizes or other params.
Of course there is exactly one crypto scheme which is provably secure against any attack (OTP) but I was just arguing against the claim of being able to break any instance of those problems. And that's obviously not true.

Quote:
HE libraries are very rough. Limited in the operations to Add and Mul in most. Also, it is hard to imagine the use cases which help to protect applications. Could you describe any?
To operate in HE you need both numbers encrypted with private key. To decrypt result you need also public key. Would you store both keys in the software? Or how do you plan to make protection?
Yap, there's a reason why not "everything" just simply switches to (F)HE schemes. There are multiple reasons: a) it is slow as hell b) full HE isn't trivial, most libraries limit themselves to addition and/or multiplication as you said.
Take for example the use case that you want to compute something which must not be revealed to the public, still the computation has to be made on every consumer's device, and the consumers must not know how the computations inner workings look like.
Then again, the weak points of FHE are the input and output values: if these are to be used in other non-HE parts of the program, these clearly must be decrypted.

As always in security, you have to be aware of the "attacker model": FHE per se cannot be used to create any kind of "unbreakable" protection, and no sane person would ever claim that. On the other hand, I strongly disagree with the statement that "everything made by man can be broken". That's too broad of a statement and is simply not true in general.
Reply With Quote
  #2  
Old 04-25-2013, 22:51
Syoma Syoma is offline
reverse engineer
  
Join Date: May 2009
Posts: 338
Rept. Given: 35
Rept. Rcvd 77 Times in 50 Posts
Thanks Given: 15
Thanks Rcvd at 78 Times in 51 Posts
Syoma Reputation: 77
Lightbulb
Quote:
Originally Posted by mcp View Post
I strongly disagree with the statement that "everything made by man can be broken".
Sure, it can be. But nobody guarantees it will work after that or even be valid.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
How come new registrants given "guest" rank and not even a "friend" rank? OldieHans General Discussion 4 09-25-2023 12:19
When use "vendor defined encryption routines", how to set daemon related part? bridgeic General Discussion 6 01-22-2015 11:35
Wlscgen: Are "Vendor Id" and "Developer Id" different ? Numega Softice General Discussion 6 02-12-2007 18:12


All times are GMT +8. The time now is 16:53.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )