R. Lui. - There is a whole lot more to security than bit-length. Look at the differences in key length between public and private key.... Much depends on the encryption algorithm itself ... IMHO, the jury is still out on Jaws's L5. By most people's considerations, even a measly 128 bits is enough to make DES "statistically unbreakable" for the next 15-20 years... Using brute force attacks is a very time consuming way to crack encryption, most encryption that is broken is actually circumvented through other means.... The difference in the time it would take to break 56 bit and 128 bit is enormous, it grows exponentially with every additional bit... I am not sure of the exact formula, but if it takes x days to crack 56 bit, than it out would take something like ....x^72 .. or x^36... or something to that effect...i'll look it up later.....so even if processing speeds got to the point where 56 bit could be cracked in two seconds... (which is 201,600x faster than the current record) and lets say for arguments sake that it's closer to x^36.. it would take (2)^36 seconds, or about 2,179 years to break. Just to give you an idea, using x^50 would yield a time of 35.7 million years, given the same parameters... Though the formula is probably off bit, I think the point is clear...
BBruin, - I'm sorry to say this, but this whole thing sounds fishy to me... A reclusive genius who designed encryption algorithms as kid ... develops a solution to a problem that really doesn't need to be solved (and if he was so good, why did the "experts" - not even encryption experts at security firms - have to recommend changes) - using terms like "unbreakable" (normally one of first warning signs of snake oil) ... combined with the latest press release of "Earning" a $7 million line of credit. Making claims to have "the most powerful data encryption available." When this many people know about such a tiny spec of a company... It suggests to me that the best thing they know is how to do is spin a good story and make a lot of noise.
I don't know squat about the stock price, or valuation, or the company, or management, but I would very much like to see them have their product tested by some independent security expert (any will do, as long as the person or company is a known and respected person in the industry).
Until that point, I would really have to take the stance that there product is most likely just overblown hype. It may very well be useful for securing email or a local word file...where the threat is minimal, but i would hesitate to use it to secure my bank transactions... I hope the company proves me wrong...
Enam |
