I’m pleased to report that after years of reading Bruce Schneier, I am finally catching on. A few weeks back at the Embedded Systems Conference I attended a lunch for startup companies and venture capitalists. One of the presenting companies, SecureRF, claimed to have invented a security protocol for resource-constrained systems (such as RFID devices) that was (a) cheap mathematically and (b) even more secure than existing security techniques.
I was skeptical. I even thought of blogging here or e-mailing Bruce, but just never found the time. Encryption is mathematically hard for reasons I had learned in grad school. The company’s hand-waving about a new faster way of doing it was either bullsh*t or a major cryptology breakthrough we should all be reading about elsewhere.
It seems that Schneier has now caught wind of SecureRF. Here’s his blog post about the company, which labels the “breakthrough” nothing more than snake oil.