top | item 21981323

(no title)

wyday | 6 years ago

>> "Hard to justify going to the trouble of encrypting your backup."

Huh? If you're "encrypting" using SHA, I've got some bad news about those backups of yours.

discuss

harikb|6 years ago

I think GP was taking about the general nature of “previously assumed to be unbreakable” methods being broken. Not sure if he has implying using a checksum also for encryption

PeterisP|6 years ago

What do you mean by "previously assumed to be unbreakable" ? SHA-1 has been known to be unsafe for a dozen years, we just went from "assumed to be breakable" to "yep, definitely breakable, here's how one exact attack will work".

LadyCailin|6 years ago

If you use SHA-256 to encrypt your backup, then I just need to steal your backup and wait 20 years, until that is cracked, and then I can decrypt your backup, even though today you’re using the “correct” encryption.

riquito|6 years ago

The GP was likely hinting at SHA1 being an hashing function, non an encryption function, so just applying sha* wouldn't produce a working backup

tambourine_man|6 years ago

I'm refering to not being able to rely on encryption in the long term.

vbrandl|6 years ago

Hashing is a separate problem from encryption. There is no proof that one way functions (the idea behind hashing) even exist (by proving this, you would actually prove P!=NP, IIRC). Encryption has a slightly better track record of being broken. AES still holds its promise and is also secure against quantum computing (you might want longer keys, but that's it).

And if you want really, provably unbreakable encryption, there is still OTP. But then you'd need a key, that is as long as the data you want to encrypt.