Some Examples of Snake Oil Cryptography Techniques
This is not an exhaustive list of snake oil signs. A more thorough list is given in the external articles linked in the section below.
- Secret system
- Some encryption systems will claim to rely on a secret algorithm, technique, or device; this is categorized as security through obscurity. Criticisms of this are twofold: first, a long-standing principle, Shannon's Maxim, states that "the enemy knows the system" and that secrecy does not afford the user any advantages. Secondly, secret methods are not open to public peer review and cryptanalysis and so potential mistakes and insecurities can go unnoticed for great lengths of time.
- Technobabble
- Snake oil salespeople may use "technobabble" to sell their product since cryptography is a complicated subject.
- "Unbreakable"
- Claims of a system or cryptographic method being "unbreakable" are almost always false, and are generally considered a sure sign of snake oil.
- One-time pads
- One-time pads are a popular cryptographic method to invoke in advertising, because it is well known that one-time pads, when implemented correctly, are genuinely unbreakable. The problem comes in implementing one-time pads, which is rarely done correctly. Cryptographic systems that claim to be based on one-time pads are considered suspect, particularly if they do not describe how the one-time pad is implemented, or they describe a flawed implementation.
- Unsubstantiated "bit" claims
- Cryptographic products are often accompanied with claims of using a high number of bits for encryption, apparently referring to the key length used. However key lengths are not directly comparable between symmetric and asymmetric systems. Furthermore, the details of implementation can render the system vulnerable. For example, in 2008 it was revealed that a number of hard drives sold with built-in "128-bit AES encryption" were actually using a simple and easily defeated "XOR" scheme. AES was only used to store the key, which was easy to recover without breaking AES.
Read more about this topic: Snake Oil (cryptography)
Famous quotes containing the words examples, snake, oil and/or techniques:
“It is hardly to be believed how spiritual reflections when mixed with a little physics can hold people’s attention and give them a livelier idea of God than do the often ill-applied examples of his wrath.”
—G.C. (Georg Christoph)
“The Gospel of the army is cunning, as of all other human activities. The wisdom of the snake under the meekness of the sheep is what wins out.
The first Commandment is—never let them get anything on you—
The second: Graft—get privileges others haven’t got—worm yourself into confidence
The Third—seem neat and prosperous—as if you had money in the bank—”
—John Dos Passos (1896–1970)
“Courage, determination, and hard work are all very nice, but not so nice as an oil well in the back yard.”
—Mason Cooley (b. 1927)
“The techniques of opening conversation are universal. I knew long ago and rediscovered that the best way to attract attention, help, and conversation is to be lost. A man who seeing his mother starving to death on a path kicks her in the stomach to clear the way, will cheerfully devote several hours of his time giving wrong directions to a total stranger who claims to be lost.”
—John Steinbeck (1902–1968)