[Interest] TLS/SSL XML encryption security

Thiago Macieira thiago.macieira at intel.com
Tue Oct 8 08:11:15 CEST 2019

On Monday, 7 October 2019 18:08:27 PDT Roland Hughes wrote:
> There was a time when a Gig of storage would occupy multiple floors of
> the Sears Tower and the paper weight was unreal.

Have you ever heard of Claude Shannon?

Anyway, you can't get more data into storage than there are possible states of 
matter. As far as our *physics* knows, you could maybe store a byte per 
electron. That would weigh 5 billion tons to store 16 * 2^128 bytes.

We have absolutely no clue how to have that many electrons in one place 
without protons and without violating the Pauli Exclusion principle.

> According to this undated (I *hate* that!) BBC Science article at some
> point in time Google, Amazon, Microsoft and Facebook combined had 1.2
> million terabytes of storage. By your calculations, shouldn't putting
> that much storage on one coast shifted the planet's orbit? <Grin>

How about you do some math before spouting nonsense?

1.2 million terabytes is 2^60 bytes. Which is NOWHERE NEAR the mass I talked 
about for 2^132 bytes. At the estimate I used of 21 ng/byte, the total is only 
25200 metric tonnes.

> As I said, the hackers don't need the entire thing. If they are sniffing
> a CC processor handling a million transactions per day (not unreasonable
> especially during back-to-school, on Saturday or during holiday shopping
> season)
> https://www.statista.com/statistics/261327/number-of-per-card-credit-card-tr
> ansactions-worldwide-by-brand-as-of-2011/
> At any rate, enough rows in the DB to achieve a 1% penetration rate
> gives them 10,000 compromised credit cards via an automated process. A
> tenth of a percent is 1,000. Not a bad haul.

Sure. How many entries in the DB do you need to generate a 0.1% hit rate?

I don't know how to calculate that, so I'm going to guess that you need one 
trillionth of the total space for that.

One trillionth of 2^128 possibilities is roughly 2^88. Times 16 bytes per 
entry, with no overhead, we have 2^92 bytes. Times 1 picogram per byte is 5 
billion tons. More importantly, 2^92 bytes is orders of magnitude more storage 
than exists today. The NSA Datacentre in Utah is estimated to handle 12 
exabytes, so let's estimate the total storage in existence today is 100 
exabytes. That's 50 million times too little to store one trillionth of the 
problem space.

I don't doubt that there are hackers that have dedicated DCs to cracking 
credit card processor traffic they may have managed to intercept. But they are 
not doing that by attacking the encryption.

Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel System Software Products

More information about the Interest mailing list