All trust is economics

[Thomas Shaddack]

On Sat, 26 Apr 2003, Eric Cordian wrote:

> How silly.  Factoring is like the Poincare Conjecture.  Solving it doesn't
> let us do anything new and exciting, and nothing else we care about has a
> reduction into it.
>
> Fast factoring will be greeted by "oh, yes, of course", and the sound of
> mass yawning and moving on.

Fast factoring will be greeted (if it wasn't already) by loud and
top-secret cheer of all the No-Such-Agencies. We the People will be told
much later.

That Joe Sixpacks will yawn and move on will only signify his lack of
understanding of the problem.

> In 10 years, "factor" will be a commodity microprocessor opcode.

Why? Solving it doesn't let us do anything new and exciting, and nothing
else we care about has a reduction into it. And every opcode occupies some
chip space, and chip space is (at least for now) too expensive for
unimportant functions.

> Is anyone even working on factoring any more?  How long has it been since
> the last RSA Challenge number was factored?  Seems like aeons.

That there is no published activity doesn't mean there is no activity.

> Yes, I believe Joe Sixpack saying that he promises to keep my key safe to
> be on the same footing as Joe Sixdiploma saying that because he can't
> figure out how to factor 309 digit numbers quickly, it must not be
> possible.

So far it doesn't seem to be possible. If it is, then the method has so
high strategical value that it is not used for less important operations,
in order to not disclose its existence by indirect clues[1]. But for
operations with so high stakes you should use one-time pads on one of the
layers anyway.

> All RSA is faith-based crypto.

What alternative do you suggest?


[1] If decrypted plaintexts start popping up from nowhere, being used in
all kinds of prosecutions, it's a strong evidence the encryption algorithm
was compromised. However, the current trend with secret courts and secret
evidence can make it less evident.