When users and managers misunderstand what technology can do, IT architects wind up with two problems. The first arises when people overestimate the state of the art and expect more than any IT department can deliver. The second arises when people dont realize how much a technology has improved, or how quickly its still improving, and fail to fully use it or protect themselves against it.
Flawed perceptions have to be recognized and addressed if theyre not to become obstacles to satisfying IT stakeholders.
Popular entertainment is a big contributor to widespread misconceptions. At some point, screenwriters need to catch up with reality. For example, were long past the point where any movie or TV series plot should turn on a characters success in breaking a code; we also should stop seeing depictions of people in the most remote locations having real-time links, 24-by-7, without needing pounds of batteries or ungainly antennas.
Ive recently seen the fallacy that codes can still be broken in my own family room, where two of my sons were watching an episode of “Enterprise,” Paramounts prequel series to the original “Star Trek.” The starships communications officer, whos a linguist rather than a mathematician, was kidnapped by aliens and brainwashed into helping them crack the codes of yet-another alien species.
With or without the aliens, this idea would strain the credulity of an informed viewer even if the story took place today. But its supposedly happening about 150 years from now, by which time I estimate that well be using 5,400-bit keys, based on guidelines suggested by crypto gurus such as Bruce Schneier and Ron Rivest. Their estimates of required key lengths, as described in Schneiers 1996 second edition of his book “Applied Cryptography,” range from 619 bits (best-case method of Rivest) to 67.1 million bits (worst-case method of Schneier).
Thats a huge range, reflecting different assumptions about the progress of mathematical techniques on top of forecasts for improvement in computing cost-effectiveness. But both of these experts would agree, Im sure, that (1) any present-day mainstream encryption will be breakable for pennies in 2150 and that (2) no human cryptanalysis will be helping much in breaking the codes that will be common at that time.
Apart from making me bite my tongue while my sons enjoy decent science fiction, these crypto trends have present-day enterprise impact. As Schneier said in his book, “You dont want to stand up in court 20 years from now with a digitally signed document and have the opposition demonstrate how to forge documents with the same signature.” More broadly, Ill say that you cant usefully ask or answer the question “How secure?” without the clarifying question “For how long?”
It doesnt require a 150-year technology forecast to put wireless expectations in perspective. When my sons were watching the movie “The Core,” which is supposedly set in the present, I was struck by the ease with which people thousands of miles below the surface of Earth were browsing shared desktops back at mission control.
Some things cant be escaped in any century: When youre three times as far from something, youre getting one-ninth the signal strength between any given pair of antennas with any given level of transmitter power. When signals pass around and through steel buildings, or just through people or trees, they get weaker and less precisely defined in terms of things such as pulse width and separation. Dont get me started on the attenuating and distorting effects of thousands of miles of hot rock.
Advanced error-correcting techniques, like the ones being used by the Cassini spacecraft now exploring the neighborhood of Saturn, can help. However, there are fundamental limits on information transmission on any given type of channel, and were getting close to those limits now.
Do we have to be killjoys? No, but we can still sound a note of reality from time to time. It will help us focus IT resources where theyre effective—that is, where they can actually do what people actually need.
Technology Editor Peter Coffee can be reached at [email protected]