Heuristic Security

Provable security is a great tool to gain confidence in a crypto scheme, but it doesn’t apply to all kinds of algorithms. In fact, most symmetric ciphers don’t have a security proof. For example, every day we rely on the Advanced Encryption Standard (AES) to securely communicate using our mobile phones, laptops, and desktop computers, but AES is not provably secure; there’s no proof that it’s as hard to break as some well-known problem. AES can’t be related to a math problem or to another algorithm because it is the hard problem itself.

In cases where provable security doesn’t apply, the only reason to trust a cipher is because many skilled people tried to break it and failed. This is sometimes called heuristic security. #security