home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky sci.crypt:4864 sci.math:15048 comp.theory:2436
- Path: sparky!uunet!cs.utexas.edu!zaphod.mps.ohio-state.edu!darwin.sura.net!spool.mu.edu!olivea!sgigate!rutgers!igor.rutgers.edu!zodiac.rutgers.edu!leichter
- From: leichter@zodiac.rutgers.edu
- Newsgroups: sci.crypt,sci.math,comp.theory
- Subject: Re: Cryptography and P=NP
- Message-ID: <1992Nov16.102132.1@zodiac.rutgers.edu>
- Date: 16 Nov 92 15:21:32 GMT
- References: <1992Nov15.110945.19939@ringer.cs.utsa.edu> <PHR.92Nov15203840@napa.telebit.com>
- Sender: news@igor.rutgers.edu
- Followup-To: sci.crypt
- Organization: Rutgers University Department of Computer Science
- Lines: 23
- Nntp-Posting-Host: cancer.rutgers.edu
-
- In article <PHR.92Nov15203840@napa.telebit.com>, phr@telebit.com (Paul Rubin)
- writes:
- > ... It is true that if P=NP then all cryptography everywhere (not just RSA)
- > is dead...
-
- Actually, this is false. If P=NP, then PUBLIC KEY cryptography is dead; but
- private key cryptography can, in principle, be much stronger. It can, in
- fact, be arbitrarily strong.
-
- The problem for public-key cryptography is that, given a ciphertext and the
- public key, I can guess private keys and check that I've got the right one in
- polynomial time by simply encrypting my proposed plaintext with the public
- key. If I get the ciphertext back, I've got the key.
-
- For private-key cyptography, I can guess all I like, but there's no way I
- can test the correctness of my guess with certainty. Sure, as a PRACTICAL
- matter, I may have some known plaintext, or i can just recognize that I
- got English text back. But we're not talking about "in practice" here.
-
- Note that for a one-time pad, the system is unconditionally secure, even
- given the ability to compute non-computable functions.
-
- -- Jerry
-
