| About InfoWorld : Advertise : Subscribe : Contact Us : Awards : Events : Store |
 |
||||
|
||||
 |
||||
 |
|
|||
 |
||||
|
|
|
||
|
|||||||||||||||||||||||||||||||||||||||||
 COLUMN
Eating humble pie SLOW NEWS weeks are a columnist's nightmare. Granted, a lot of you are probably using this time to catch up on old business, load those patches you've been meaning to get to, dig through the paperwork and the e-mails piling up, and so on; but my life would have been made a lot easier if another e-mail virus had been unleashed or a Fortune 500 company's network had been taken over by a gang of teen-agers. In the absence of a readily identifiable topic -- or target, if you prefer -- for today's trip to the soapbox, I think it's time to serve myself some humble pie.
It's my own fault, after all. I should know better than to attempt higher math while leaving my shoes on. So I will cheerfully concede that the logistics of attempting a brute-force crack on a 128-bit key -- to say nothing of 192-bit and 256-bit ones -- are formidable. But my point wasn't whether or not AES is secure; for now, it's the best you're likely to find, at least when you're looking at cipher systems that have the U.S. government's seal of approval. I simply wanted to point out that betting against human ingenuity is a good way to lose. When you look at everything we've accomplished by applying our intellectual capital to a technological problem, it's clear that just about anything can be done with a big enough checkbook and plenty of brains per acre. But at least a few dozen of you missed my point. Bruce Schneier, CEO of Counterpane Security and author of Applied Cryptography, even accused me of being alarmist in a scathing letter that I hope is coming soon to a letters page near you. Sorry, folks, I was aiming more for a bridled world-weariness. If I had wanted to sow panic, I would have taken a different tack entirely. (Trust me: I used to cover high school football, and I can make an off-tackle run for no gain sound like the Battle of Gettysburg when I want to.) As a garnish of crow to go with my humble pie, I also apologize to anyone who was offended by my use of Moore's Law as mental shorthand to refer to the ever-increasing power of computer hardware, as opposed to its original purpose of defining the growth in the amount of circuitry that can be packed into a given space. Finally, I'm going to retract my prediction that AES would be brute-forced by 2010. It might take until 2015, or even 2020. But I still think that calling AES "unbreakable" is whistling in the dark. P.J. Connolly (pj_connolly@infoworld.com) covers collaboration, networking, operating systems, and security for the Test Center. Get this column free via e-mail each week. Sign up at www.iwsubscribe.com/newsletters .  RELATED SUBJECTS  SecurityMORE > SPONSORED WHITE PAPERS 
SPONSORED LINKS
|
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||
|
||||||||||
