In lecture, you mentioned that the one-time pad is the only perfect cipher.
TimeZombie writes wanting to know why this is true.
I probably overstated things a little bit in saying
this is the only perfect cipher; you could certainly
construct ciphers that are perfect and are not exactly
the same as the one-time pad as we've described it.
But they'd be essentially the same, and what Claude Shannon proved
is that to be a perfect cipher, you have to have
the key space as large as the message space,
and you can never reuse a key, so every byte of the message
corresponds to a byte of the key. Then with the one-time pad,
we're XORing; we could do some other operations
that would be the equivalent of XOR and have another cipher that would be perfect.
But the important thing that was proven is that
if the key is smaller than the message, there's no way for the cipher to be perfect.
There must be some information leaking to an attacker
that potentially could be used to break it.
Okay, and then as a follow-up to that,
he also wanted you to comment on quantum cryptography.
Okay, so quantum cryptography is a very interesting topic,
and there are really two sides to that that people think about.
The first is quantum key distribution,
which is to take advantage of properties of quantum physics
to be able to send a message where even if someone intercepts it,
they cannot replay it. That means that the two parties at the end
can know that if they establish a key,
if that message got through between them and they can verify
that they received the right message, there was no
physical way it could be eavesdropped on, because the properties
of quantum physics are that if you observe properties of a photon,
you can observe some parts of it, but you can't observe the whole thing.
You can observe, say, both the momentum and the spin at the same time,
and I'm not an expert in quantum physics, so that may not be exactly right,
but you can't observe--and this is Heisenberg's Uncertainty Principle--
you can't observe every property of the photon at the same time,
so you can set things up, and I won't go into the details of that now.
We may talk about that in one of the--maybe Unit 7.
I think that would be a good topic to bring up again
and go into a little bit more detail.
The other interest is in quantum computing,
which potentially offers a way to solve problems
that we can't solve with classical computers in an efficient way.
And the most interesting question there is factoring.
In Unit 4 we'll talk about the importance of factoring
being hard for breaking RSA, with the security of RSA
relying on it being hard to factor numbers
that are multiples of 2 large primes.
There are ways--if you have a quantum computer--to do factoring efficiently,
in a polynomial number of steps, which no one knows
how to do with a classical computer.
If it were possible to build a large quantum computer,
which no one has been able to do yet but in theory could be done,
then you could break cryptosystems like RSA
that depend on factoring being hard, because you could factor large numbers
using your quantum computer.
Both of those are sort of interesting aspects where
the sort of deep properties of quantum physics can be used
either to the advantage of making something more secure
or to the advantage of the attacker.
And we'll talk about the impact of quantum computing
on factoring a little bit in Unit 4.
Okay, cool. I look forward to it, thank you.
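Shannon's condition from the first answer can be checked by brute force on a toy message space. The following is an added example, not part of the lecture transcript: it assumes 4-bit messages, compares a true one-time pad (4-bit key) against a hypothetical 2-bit key stretched by repetition, and shows why reusing a pad leaks information.

```python
from collections import Counter

MSG_BITS = 4
MESSAGES = range(1 << MSG_BITS)          # toy message space: 16 possible messages

def otp_encrypt(key, msg):
    """One-time pad: the key is as long as the message and used exactly once."""
    return key ^ msg

def short_key_encrypt(key, msg):
    """Hypothetical toy cipher: a 2-bit key repeated to cover a 4-bit message
    (the key space, 4 keys, is smaller than the message space, 16 messages)."""
    stretched = (key << 2) | key
    return stretched ^ msg

def ciphertext_distribution(encrypt, keys, msg):
    """P(C = c | M = msg) under a uniformly random key, as a dict c -> probability."""
    counts = Counter(encrypt(k, msg) for k in keys)
    return {c: n / len(keys) for c, n in counts.items()}

def is_perfectly_secret(encrypt, keys):
    """Shannon's perfect-secrecy condition: the ciphertext distribution
    must be identical no matter which message was sent."""
    reference = ciphertext_distribution(encrypt, keys, MESSAGES[0])
    return all(ciphertext_distribution(encrypt, keys, m) == reference
               for m in MESSAGES)

def plaintexts_consistent_with(encrypt, keys, ciphertext):
    """An eavesdropper's view: which messages could produce this ciphertext
    under some key? Perfect secrecy means the answer is 'all of them'."""
    return sorted({m for m in MESSAGES for k in keys if encrypt(k, m) == ciphertext})

def reused_pad_leak(key, m1, m2):
    """Two messages under the same pad: XORing the ciphertexts cancels the key,
    so an observer learns m1 XOR m2 without ever seeing the key."""
    c1, c2 = otp_encrypt(key, m1), otp_encrypt(key, m2)
    return c1 ^ c2 == m1 ^ m2

if __name__ == "__main__":
    print("OTP perfect:", is_perfectly_secret(otp_encrypt, range(16)))
    print("short key perfect:", is_perfectly_secret(short_key_encrypt, range(4)))
    print("candidates for c=1010 (OTP):", plaintexts_consistent_with(otp_encrypt, range(16), 0b1010))
    print("candidates for c=1010 (short):", plaintexts_consistent_with(short_key_encrypt, range(4), 0b1010))
    print("reused pad reveals m1 XOR m2:", reused_pad_leak(0b0110, 0b1100, 0b0011))
```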
