From: Vanessa on
On Jan 27, 2:09 pm, WTShaw <lure...(a)gmail.com> wrote:
> On Jan 26, 11:23 pm, Vanessa <vanessavertu...(a)yahoo.com> wrote:
>
> > On Jan 27, 2:52 am, Paulo Marques <pmarq...(a)grupopie.com> wrote:
>
> > > vanessavertu...(a)yahoo.com wrote:
> > > > On Jan 27, 1:33 am, Paulo Marques <pmarq...(a)grupopie.com> wrote:
> > > >> vanessavertu...(a)yahoo.com wrote:
> > > >>> [...]
> > > >>> Okay, I will discuss here how Infinite One-Time Pad works according
> > > >>> to available references. This may not be accurate as I may be missing
> > > >>> something but generally it goes like this.
> > > >> Since you seem to be honest and not trolling, I'll try to explain why
> > > >> this doesn't work.
>
> > > You're starting to prove me wrong with this last post.... :(
>
> > > >>> The PLAIN text is compressed and encoded using series of algorithms.
> > > >>> Let's now call it "Transformed Text".
> > > >> This transformation doesn't involve any kind of encryption with a secret
> > > >> key. So, if an attacker want to test some key, it can try it and run the
> > > >> reverse transformation over the obtained text and see if that works.
>
> > > > That is not possible since the "transformed text" is no longer
> > > > available once the "transformed key" is applied.
> > > >[...]
> > > > Foremost, that is not possible since the "transformed text" is not
> > > > available after applying the key. Even if the "transformed text" is
> > > > exposed, the zipping codes you are saying such as "PK" no
> > > > longer exist since it is encoded using series of algorithms.
>
> > > Let me try to be clearer. The process you described is:
>
> > > PlainText (PT) -> [box of deterministic algorithms] ->
> > >   transformed text (TT) -> [transform with secret file + password] ->
> > >     cypher text (CT)
>
> > > Correct?
>
> > Correct, but you should know that "Password" is not the only
> > protection you can implement.
>
> > > So, now I'm an attacker. I have CT, and want PT. Imagine that I can grab
> > > hold of the secret file, and am trying out passwords to see if any of it
> > > works.
>
> > > So if I want to try password P, I take CT -> [reverse transformation
> > > using secret file + P] -> TT.
>
> > > Now I need to check if TT is correct or not. You simply need to run: TT
> > > -> [reverse box of deterministic algorithms] -> PT and test the
> > > resulting PT to see if it is a valid plaintext.
>
> > > So the [box of deterministic algorithms] doesn't help at all. And when I
> > > say that it might even make it worse, is because the reverse
> > > transformation might fail for some TT's which can be immediately
> > > perceived by the attacker as a "wrong password", without even needing to
> > > check the actual plaintext.
>
> > So now, you've resorted to "Brute Force". Unfortunately, in Infinite
> > One-Time Pad, you can use a password of any length.
> > Why not download the trial version to see for yourself?
> > You can even use the whole content of a book if that's what you
> > prefer. Let's say that the possible character you can type is 92 and
> > the length of the password is 16, the total possibilities will be 92 ^ 16.
> > Even if the fastest computer in the world is used it will take trillions of
> > years to try them all. How much more if the length is longer?
>
> > > >>> Now, the key is extracted from a  secret file of your choice and
> > > >>> again it is filtered and encoded
> > > >> The point here is key distribution: if you need to send your encrypted
> > > >> file to someone you need to also send the "secret file". At this point,
> > > >> is not secret anymore.
>
> > > > There is no problem sending the "Secret File". It can be pre-arranged.
> > > > It could be that the file is already with him.
>
> > > That is exactly the problem! If you have one algorithm, where Bob can
> > > send the public key in the clear to Alice and keep the private key
> > > private, and receive an encrypted file from Alice that only he can
> > > decrypt, why should you use a worse algorithm that forces you to
> > > "pre-arrange" the keys over a secure channel?
>
> > Use Infinite One-Time Pad if maximum security is desired.
> > If not, then use other algorithms. You can read it here. http://www.hiddentools.com/io-tp/art3.html
>
> > > >>> and you have a chance to insert any word or characters at any location
> > > >>> to modify it further. If you type a password, each character of the
> > > >>> password re-encodes the modified key. Let's call the result as
> > > >>> "Transformed Key".
> > > >> This is not very different from key strengthening. It is just slightly
> > > >> worse than any other algorithm out there.
>
> > > > You have no basis of saying that.
>
> > > Of course I have. In typical key strengthening algorithms you take the
> > > user-readable password and re-hash it N times. You can select that N as
> > > a trade-off between speed and strength. This way you have a real measure
> > > of the strengthening effort.
>
> > > "each character of the password re-encodes the modified key" sounds very
> > > weak, because with small passwords you'll just have very few modifications.
>
> > It is stated that key has undergone series of transformations after
> > extraction from the key file. Transformations due to password are just
> > extras.
>
> > > >>> I CHALLENGE EVERYONE to present a solution on how to attack
> > > >>> the ciphertext. You can find available "cryptanalysis" techniques here
> > > >>> http://en.wikipedia.org/wiki/Cryptanalysis. Study the attacks then
> > > >>> show how it could be used against Infinite One-Time Pad's
> > > >>> ciphertext at least logically.
> > > >> You're talking to the crowd that wrote that wikipedia page, so you get
> > > >> no points for insulting everyone.
>
> > > > It is not an insult. It is a challenge.
>
> > > The insult part is the "go read it and learn". Many people here know
> > > very well all the theory that is explained in Wikipedia. Even more,
> > > Wikipedia just has mostly the basics. If you're serious about
> > > cryptography you really need to at least read a few books.
>
> > Okay, I'm sorry if that has insulted you. That is just a reference
> > for readers who don't know about it anyway because the challenge
> > is addressed to everyone.
>
> > > > If somebody is successful, then it
> > > > could be published on wiki. The technique will be seen by the
> > > > community and would be a good educational material.
>
> > > Are you going to pay for my time?
>
> > No, not me.
>
> > > > Who knows somebody can invent a new cryptanalytic
> > > > method for this kind of encryption technique.
>
> > > There is nothing new here, just gibberish.
>
> > > >> If you compare that algorithm with something like GnuPG (for instance),
> > > >> you'll notice how key distribution is much easier and secure with GnuPG
> > > >> (and free).
>
> > > > How did you know? Do you know the algorithms used in Infinite
> > > > One-Time Pad?
>
> > > I know because GnuPG is a public key algorithm, as opposed to a
> > > symmetric key algorithm like this one. Key distribution must be harder
> > > as a direct consequence.
>
> > > Even the name "Infinite One-Time Pad" sounds like snake oil. Anyone here
> > > can tell you that.
>
> > "Snake Oil"? This is the default term used if the algorithm of a
> > certain crypto system is not exposed. Do we need the author to expose
> > everything? I think the explanation is already enough to see the strength.
>
> > > Anyway, consider this my last effort to explain this. If you still can't
> > > get it, then I'll consider that you're just trolling like john.
>
> > I'm not trolling, my reasons for believing in the strength of Infinite
> > One-Time Pad are justified. Sometimes we have to consider other
> > possibilities. Fundamental theories are beneficial but do not confine
> > yourself with them. As John said, this is dangerous to the
> > advancement of cryptography. Computer technology is rapidly
> > advancing. We should move forward, consider and explore
> > possibilities so cryptography will not be left behind.
>
> > "The man who follows the crowd will usually get no further than
> > the crowd. The man who walks alone is likely to find himself in
> > places no one has ever been." - Alan Ashley-Pitt
>
> > You can be the next Shannon.
>
> > > --
> > > Paulo Marques - www.grupopie.com
>
> > > "Prediction is hard. Especially of the future."
> > > Niels Bohr
>
> As you advance, forget not where you have been and what you learned to
> even get there.  The burden of knowledge is inclusive.

You're absolutely right. We owe our achievements to people who came
before us and provided theories as our reference. The concept they have
provided must evolve so advancements can be achieved. The author of
the Infinite One-Time Pad did not claim that Shannon is wrong. He agreed
that Perfect random key is necessary to attain perfect secrecy in the case
of "One Time Pad" where the key is directly applied with the plain text.
http://www.hiddentools.com/io-tp/art2.html

The situation now is different. We have powerful computers that can
perform operations at very fast speed. Imagine if you do operations
such as compression, bit operations, transformation algorithms
manually. It may take you months to decrypt a page of ciphertext. With the
aid of computers, these can be performed in a split second. In the time
of Shannon, this is not possible.

Infinite One-Time Pad utilizes the power of computer making the use of
random key unnecessary. I think this is what is being objected here.
I was also skeptical at first but when I analyzed the encryption flow,
I'm convinced that it is indeed unbreakable.
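
Added example (not part of any poster's message, and not the product's algorithm): Paulo Marques's point that an unkeyed, deterministic pre-transformation gives no secrecy and can itself act as a wrong-key check. It assumes zlib as the "box of deterministic algorithms" and a SHA-256 counter-mode XOR keystream as a stand-in for the secret file + password step; all names and sample values are constructed.

```python
import hashlib
import zlib

def keystream(secret_file: bytes, password: str, n: int) -> bytes:
    # Stand-in for the "transformed key" (assumption): SHA-256 in counter mode.
    seed = hashlib.sha256(secret_file + password.encode()).digest()
    blocks = (hashlib.sha256(seed + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))

def encrypt(pt: bytes, secret_file: bytes, password: str) -> bytes:
    tt = zlib.compress(pt)  # PT -> TT: deterministic, no secret involved
    return xor(tt, keystream(secret_file, password, len(tt)))  # TT -> CT

def decrypt_and_check(ct: bytes, secret_file: bytes, password: str):
    """CT -> TT -> PT. Returns None when TT is not a well-formed zlib stream."""
    tt = xor(ct, keystream(secret_file, password, len(ct)))
    try:
        return zlib.decompress(tt)
    except zlib.error:
        return None

# Constructed sample data.
SECRET_FILE = b"constructed stand-in for the pre-arranged secret file"
PLAINTEXT = b"Meet at the usual place at nine."
CT = encrypt(PLAINTEXT, SECRET_FILE, "tulip")
CANDIDATES = ["rose", "daisy", "tulip", "orchid"]

def accepted_passwords():
    # Inverting the unkeyed step rejects wrong keys by itself: the structure
    # of TT, not the secrecy of the algorithm, decides the outcome.
    return [p for p in CANDIDATES
            if decrypt_and_check(CT, SECRET_FILE, p) is not None]

if __name__ == "__main__":
    print(accepted_passwords())
```

All secrecy therefore rests on the keyed step; adding or hiding unkeyed transformations does not raise the cost of testing a key.
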
From: john on

>
> Unfortunately that proves that you know nothing about crypto. You cannot
> "see" the results and deduce anything about crypto. The worst crypto can
> look just as random in output as the best. That is the problem with
> crypto. You cannot judge it by its output, as you can most other
> software. You MUST examine the code in detail, just as your enemy is
> going to do. And if he breaks the code, he will not tell you.
> Ie, judging crypto is completely different from judging most other
> software.

.... That's why somebody has already given lightning speed verdict of
being a BS to a software without even giving a fair trial by looking
at exact details - this action usually reflects how they judge a book
by its cover without reading its contents - indeed a disaster to
cryptography ... what a pure bollocks!


>
> You have not scratched anyone's ego, your claws are non-existent. You do
> however threaten to confuse other people.
>
--- I can see no confusion at all basically, better off if people only
open their understanding,.... why, are you being threatened?


From: Richard Herring on
In message <4b5f388b$0$2533$da0feed9(a)news.zen.co.uk>, Peter Fairbrother
<zenadsl6186(a)zen.co.uk> writes
>
>First, the use of key modification is not mandated, so it may not be
>used by some people. In practice, most people won't use it.

>Second, if it's not stored on the disk, the modification will be done
>by a human - two humans, in fact - from memory, so it can't be very
>complex, and will in most cases be easily guessable.
>
>It's just like adding an extra key - it might make breaking it harder,
>but it does not make it unbreakable.

Worse, there's no guarantee that the "key modification" produces a
sequence that's random in the first place. Since the original "secret
file" might contain anything, and the modification process might well be
unexpectedly non-random (see Knuth's description of his "super-random"
generator for a classic example) the modification process might amplify
any correlations in the file, to the point where nothing's left but a
simple polyalphabetic cipher.

--
Richard Herring
From: Vanessa on
On Jan 27, 5:35 pm, john <penetrat...(a)yahoo.com> wrote:
> > Unfortunately that proves that you know nothing about crypto. You cannot
> > "see" the results and deduce anything about crypto. The worst crypto can
> > look just as random in output as the best. That is the problem with
> > crypto. You cannot judge it by its output, as you can most other
> > software. You MUST examine the code in detail, just as your enemy is
> > going to do. And if he breaks the code, he will not tell you.
> > Ie, judging crypto is completely different from judging most other
> > software.
>
> ... That's why somebody has already given lightning speed verdict of
> being a BS to a software without even giving a fair trial by looking
> at exact details - this action usually reflects how they judge a book
> by its cover without reading its contents - indeed a disaster to
> cryptography ... what a pure bollocks!
>
>

"Knowing the exact details"? The person who gave a verdict of
being a BS to the software does not even know how to use it.
He does not know what he is talking about at the time he issued
his comments. Don't you know that you cannot judge a book by
its cover? So do not call a software a BS if you do not know much
about it.

>
> > You have not scratched anyone's ego, your claws are non-existent. You do
> > however threaten to confuse other people.
>
> --- I can see no confusion at all basically, better off if people only
> open their understanding,.... why, are you being threatened?

From: Vanessa on
On Jan 27, 5:58 pm, Richard Herring <junk@[127.0.0.1]> wrote:
> In message <4b5f388b$0$2533$da0fe...(a)news.zen.co.uk>, Peter Fairbrother
> <zenadsl6...(a)zen.co.uk> writes
>
> >First, the use of key modification is not mandated, so it may not be
> >used by some people. In practice, most people won't use it.

So the attacker will not have any clue if it is used or not. This
adds up to his considerations making the ciphertext harder to crack.

> >Second, if it's not stored on the disk, the modification will be done
> >by a human - two humans, in fact - from memory, so it can't be very
> >complex, and will in most cases be easily guessable.

The user is flexible to do what he wants. He may keep it on a disk, or
on paper. Not necessarily the exact modification, a simple clue
is enough. Note that key modification can be done not only by
insertion but also by replacement (the user can replace characters).
This will lose the attacker.

>
> >It's just like adding an extra key - it might make breaking it harder,
> >but it does not make it unbreakable.

If it will break in million years, that is as good as unbreakable.

>
> Worse, there's no guarantee that the "key modification" produces a
> sequence that's random in the first place. Since the original "secret
> file" might contain anything, and the modification process might well be
> unexpectedly non-random (see Knuth's description of his "super-random"
> generator for a classic example) the modification process might amplify
> any correlations in the file, to the point where nothing's left but a
> simple polyalphabetic cipher.
>

Even if the modification is not random (say I typed my name then
replaced some characters with my surname), the characters will change
after I type my password. It will undergo irreversible transformation.
Why not try it so you can see.

Let me give you a simple irreversible transformation. Suppose I have
a letter "A" which is equal to "065" in decimal. Now I will add the
digits to get 011. This is now transformed to a different character and
there's no way to get the original since there are so many possibilities. It
could be 092, 083, 074, 065, 074, 083, 092, 191, 182, 173 and so on.
Can you still see a pattern or at least a clue on the transformed key?
Even if you know the operation (addition) and know the resulting key,
you cannot get the original key. I believe the author of the
Infinite One-Time Pad did more complex transformation algorithms
than this.


> --
> Richard Herring
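
Added example (not part of any poster's message): the digit-sum transformation from the post above, enumerated over every byte value. It shows that "irreversible" here means many-to-one, so the transformed key, which is what actually gets applied, takes far fewer values than the original; the function names are illustrative.

```python
import math
from collections import Counter

def digit_sum(byte: int) -> int:
    """The post's transformation: "A" = 065 -> 0 + 6 + 5 = 11."""
    return sum(int(d) for d in f"{byte:03d}")

def preimages(value: int) -> list:
    """Every byte value that the transformation sends to `value`."""
    return [b for b in range(256) if digit_sum(b) == value]

def output_distribution() -> Counter:
    """How often each transformed value occurs over all 256 input bytes."""
    return Counter(digit_sum(b) for b in range(256))

def entropy_bits(dist: Counter) -> float:
    """Shannon entropy of the transformed byte for a uniformly random input."""
    total = sum(dist.values())
    return -sum(c / total * math.log2(c / total) for c in dist.values())

def keyspace_bits(n_bytes: int) -> float:
    """Upper bound, in bits, on the size of an n-byte transformed key."""
    return n_bytes * math.log2(len(output_distribution()))

if __name__ == "__main__":
    dist = output_distribution()
    print("preimages of 11:", preimages(11))
    print("distinct transformed values:", len(dist), "of 256")
    print("entropy per transformed byte: %.2f bits (input: 8.00)"
          % entropy_bits(dist))
    print("16-byte key: at most %.1f bits instead of 128" % keyspace_bits(16))
```

Decryption uses the transformed key, so being unable to recover the original key is no protection, and the many-to-one mapping shrinks the key space.
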
