This seems backwards to me. If you prove a cryptographic protocol works, using some assumptions, then the only way it can fail is if the assumptions fail. Its not that a system using RSA is 100% secure, someone could peak in your window and see the messages after decryption. But its sure more secure than some random nonsense code with no proofs about it, like people “encoding” data into base 16.
The context isn’t “system with formal proof” vs “system I just thought of 10 seconds ago” but “system with formal proof” vs “system without formal proof but extensively tested by cryptographers in real-world settings”. Think One-Time-Pad vs AES. In theory One-Time-Pad is perfectly information theoretically secure, but in practice AES is much better.
Obviously “system with formal proof and extensively tested/demonstrated to work in real world settings” would be even better. And if anyone ever proves P=NP, AES will presumably enter this category.
“system with formal proof” vs “system without formal proof but extensively tested by cryptographers in real-world settings”
Well this is saying formal proof is bad because testing is better. I think in this situation it depends on exactly what was proved, and how extensive the testing is.
One time pads always work, so long as no one else knows the key. This is the best you can ask for from any symmetric encryption. The only advantage AES gives you is a key that is smaller than the message. (Which is more helpful for saving bandwidth than for security.) If you were sending out a drone, you could give it a hard drive full of random nonsense, keeping a similar hard drive in your base, and encrypt everything with a one time pad. Idealy the drone should delete the one time pad as it uses it. But if you want to send more than a hard drive full of data, suddenly you can’t without breaking all the security. AES can use a small key to send lots of data.
The context isn’t “system with formal proof” vs “system I just thought of 10 seconds ago” but “system with formal proof” vs “system without formal proof but extensively tested by cryptographers in real-world settings”. Think One-Time-Pad vs AES. In theory One-Time-Pad is perfectly information theoretically secure, but in practice AES is much better.
Obviously “system with formal proof and extensively tested/demonstrated to work in real world settings” would be even better. And if anyone ever proves P=NP, AES will presumably enter this category.
Well this is saying formal proof is bad because testing is better. I think in this situation it depends on exactly what was proved, and how extensive the testing is.
One time pads always work, so long as no one else knows the key. This is the best you can ask for from any symmetric encryption. The only advantage AES gives you is a key that is smaller than the message. (Which is more helpful for saving bandwidth than for security.) If you were sending out a drone, you could give it a hard drive full of random nonsense, keeping a similar hard drive in your base, and encrypt everything with a one time pad. Idealy the drone should delete the one time pad as it uses it. But if you want to send more than a hard drive full of data, suddenly you can’t without breaking all the security. AES can use a small key to send lots of data.