[nickpsecurity]

Do you have a link to that? Because I know a guy who really needs to counterpoint it. High-security engineer, Clive Robinson, always said security is about physics if you look at it down to the hardware. The physics try to connect things in ways you didn't see coming. That allows unauthorized communications. The physics also try to corrupt the operation of your chips. That compromises computational security mechanisms. Even encryption algorithms had tons of problems when they were implemented to the point that it takes pro's with years of experience to implement them with any assurance. Those are often broken later.

So, if Doctorow said that, he couldn't be further from the truth. The universe seems to do everything it can to make security difficult via physics itself. Throw in economics and biology (evolving malicious attackers) to top the argument off.

[SCHiM]

Security != encryption in every case. What you're describing is actually also what makes encryption stronger/easier than decryption:

A priori there's only 1 correct plaintext, while there are limitless chipertexts of any given plain text (assuming arbitrary IV lengths and key). You can't change that and this is basically what makes encryption so much stronger than decryption.

[nickpsecurity]

Only two sentences were about encryption. The others mainly covered the foundations, like kernels or MMU's, encryption depends on or can be bypassed with. You should look up TEMPEST Level 1 safes, PC's, peripherals, and rooms. That's just EMSEC part tgat requires all thst because physics fights us. Then, look up NSA Type 1 hardware and physical separation with Red/Black model to see how you start on endpoints. Rad-hard and fault-tolerant circuitry too where you'll see probabilities instead of certainties.

Add it all up to say that, outside a few products, your security mechanisms from CPU go crypto arent secure. Physics and intrinsic complexity work together to ensure this. Systems fighting all of it have less features, are heavy, more manual steps, less battery life, and cost several times more. Economics takes over there where physics leaves off.

"A priori there's only 1 correct plaintext, while there are limitless chipertexts of any given plain text (assuming arbitrary IV lengths and key)."

A priori there's electrical signals going through analog and digital circuitry that implements a form of it with malicious hardware, software, or networks connected to it. There's tons of ways to intercept or leak those secrets. These are not in the formal model of crypto. Once included, the picture changes considerably and leans my way.

[SCHiM]

Except of course I can create an unbreakable encryption with two pieces of paper and a pencil by constructing a one-time pad. And that encryption has nothing to do with computers except for the fact that doing encryption by hand would take ages these days and we therefore choose to delegate it.

The fact that our computers are too unreliable to be trusted with encryption does not mean that the universe does not favour encryption.

Unless you constantly keep inventing malicous hardware or hidden 'observers' in the paper and pencil scenario there's no way you can say that decryption is easier than decryption.

[nickpsecurity]

I saw that counter coming. A little bit different, better argument. Several things in here. So, let's look at them.

re paper encryption

That was defeated regularly in the Cold War in a number of ways. Easy or not, the mathematical proof didn't translate directly into the real world due to human issues and physical ones like intercept or observation. FBI's crypo unit has been defeating custom pencil and paper ciphers of criminals for a long time, too. So, we can say the best, provable encryption makes the job more difficult if no observation of the act of encryption, KEYMAT, or decryption take place. That's a lot more limited than mathematicians pronouncements imply. ;)

re universe

"universe does not favor encryption"

Oh, I think it doesn't. For one, encryption only happened one time in known universe that we know of. When it did, it screwed up more often than it worked. Then, even the best forms are defeated by stuff above thanks to other properties of the universe. Universe seems to favor plain text to me. Its own codes are plain to observe, too. Obfuscated at worst.

re computers

That was a nice dismissal but computers are the whole point, right? We talk encryption that we're going to use on a computer most likely. Then someone says some stuff like how we can trust the math. Then I have to point out we run electrical impulses representing machine instructions, not math. Then the conversation drifts to pencil and paper or arcane stuff.

At least you admitted we can't trust the math on a computer because it doesn't represent what it does. Often not on pencil and paper either or in speech if under surveillance. So, we can't trust the math at all. It's always math + all kinds of circumstances and methods. Even then, we can only trust it with probability C as in odds of Compromise.