[h3xe]

    I want to replace systems like AES with ones that uses
    the hardness of factoring for their security. Systems
    like AES rely on intuition and experimental testing for
    their security—there is not even a conditional proof that
    they are secure.

1) You can prove symmetric crypto is secure 2) In the light of (upcoming fast) factoring algorithms, using crypto that relies on factoring everywhere sounds very stupid.

[nhaehnle]

Please point to a proof of the security of symmetric crypto if you can. Last I checked, such a proof would have still been considered an incredible breakthrough.

All that people are doing is to show that k rounds of cypher C can be broken, where actual implementations use K > k rounds, and then arguing that nobody has been able to break more despite a lot of effort, cypher C is probably secure in practice. That is good evidence, but not a proof.

[Groxx]

One-time-use random data XOR your data = provably secure symmetric crypto, afaik. I could try to hunt down a proof of that one. Impractical, sure, but provable.

Also afaik, others haven't been proven / can only be proven to have certain qualities, and leave gaps which have massive real-world implication. So yeah, I'm curious for other proofs too.

[duaneb]

One time pads are currently the only provable "unbreakable" encryption. The proof is trivial.