Theory vs. Practice
Diagnosis is not the end, but the beginning of practice.
1996 Ron Rivest-prefaced Book: How "Unbreakable Encryption" Works
Today's universities teach the world that unbreakable encryption is "technically impossible", hence the ever-failing US standards enforced by international policies.
Under his own words, "the most widely acclaimed security expert in the world" contemptuously calls unbreakable encryption "Snake Oil" (he personally made me the great honor of such an email in 2013... despite a first 2008 government audit of TWD's 2007 technology).
Discuss "unbreakable encryption" publicly and myriads of supposely competent and well-intentioned people will furiously call you a "Charlatan".
Yet, a book written 22 years ago by undisputed encryption experts explains how to write your own "unconditional encryption" ("unbreakable" in academic jargon because "assumptions-free"). The Germans have a proverb for this kind of engineered dissonance: "Lies have short legs".
"Handbook of Applied Cryptography" (780 pages) by Alfred J. Menezes,
Paul C. van Oorschot, and Scott A. Vanstone, prefaced by Ron Rivest (the 'R' of RSA, Inc.):
"The current volume is a major contribution to the field of cryptography. It is a rigorous
encyclopedia of known techniques, with an emphasis on those that are both (believed to
be) secure and practically useful. It presents in a coherent manner most of the important
cryptographic tools one needs to implement secure cryptographic systems, and explains
many of the cryptographic principles and protocols of existing systems."
This book can change the life of every tech user on the planet – and even prevent wars – I am not kidding. So, if you are interested in computer programming, cyber-security, encryption, consumer payments fraud, blockchains, the security of our common critical infrastructure, or merely about your own privacy, then keep reading (and share this document)!
The Only Book You Need about Cryptography
Here is an excerpt of the knowledge that has been buried for decades by the most reputed academics, politicians, and bankers – those in charge of educating our children and keeping our national vital interests safe against "unwanted interference":
"7.10 Remark (theoretically-motivated principles) The unconditional security of the one-time-pad motivates both additive stream ciphers (Chapter 6) and the frequent changing of cryptographic keys (ยง13.3.1). Theoretical results regarding the effect of redundancy on unicity distance (Fact 7.71) motivate the principle that for plaintext confidentiality, the plaintext data should be as random as possible, e.g., via data-compression prior to encryption, use of random-bit fields in message blocks, or randomized encryption (Definition 7.3). The latter two techniques may, however, increase the data length or allow covert channels."
Most of today's "crypto experts" seriously claiming – without engaging brains – that "unconditional security is impossible to achieve" are probably not liars: what they have learned at school is "compliance" rather than "security": US security policies – designed to enforce the US backdoors in public administrations and business, with the generalized chaos that we can all see today.
This may explain why REAL QUESTIONS, like the absolute need for bijective data compression, "unconditionally-secure" key-generation, key-derivation and key-exchange, are not discussed. These crucial points, like unconditionally-secure data encryption, are very taboo... because they would defeat the mission of the NSA and the Pentagon-funded Silicon Valley – the generous sponsors of our educational and political systems.
You will have to do more research to find how to implement all this correctly – as well as learn how to avoid compromising the secret keys before you start encrypting (doing so requires ditching everything taught in universities). But at least, thanks to this book, you know that this can be done, and you have enough hints to select a valid direction.
You will not find anything remotely approaching that level of usefulness in mainstream Media, market leader, and NGO publications because they are pursuing the exact opposite agenda:
Privacy tools funded by the Broadcasting Board of Governors (BBG) [an organization spun off from the CIA] dominated the scene. That included the most ardently promoted privacy products now on offer: TOR, the anonymous internet browsing platform that powers what's known as the 'dark web', and Signal, the chat app championed by Edward Snowden. Both of them took in millions in government cash to stay afloat.
EFF has taken millions in funds
from Google and Facebook via straight donations and controversial court payouts that many see as under-the-radar
contributions. Hell, Google co-founder Sergey Brin's foundation gave EFF at least $1.2 million.
The lack of any serious security threatens our common critical infrastructure (energy and water supply, telecoms, logistics, transportation, finance, the IoT, smart-Cities, Med-Tech, etc.) and acts of war already took place:
President OBAMA approved a previously undisclosed covert measure that
authorized planting Cyber weapons in Russia's infrastructure, the digital equivalent
of bombs that could be detonated if the United States found itself in an escalating exchange
with Moscow.
"Unbreakable security" is not a luxury – it is mandatory for World peace, especially with the looming IoT wave:
With the right acts of digital sabotage, attack aircraft will be grounded,
infrastructure disrupted and communications severed, reducing the enemy to a state of raging,
pre-modern impotence.
Disclaimer: TWD Industries AG, the company I have founded in 1998, markets Global-WAN (2010), a communication platform based on "unconditional security" developed in-house (2007) and audited by two governments. Not only TWD algorithms (key generation, key derivation, key exchange, data encryption) are much faster than today's standards, but they also are easier to implement, are safe against side-channel attacks (timing, noise), and work from RFID tags to data-centers. Contact me at pierre@trustleap.com for more information (from consulting to licensing we have a solution for you).