From: Richard Herring on 27 Jan 2010 09:35

In message <hjphh1$6qv$1(a)speranza.aioe.org>, Noob <root(a)127.0.0.1> writes
>Bruce Stephens wrote:
>
>> If you want software that's not a one-time pad but claims to be as good
>> as, why not choose a free one? For example, Adacrypt
>
>Hold on a minute.
>
>Are you seriously recommending Adacrypt's snake oil?

Why not? It's an excellent example of "software that's not a one-time pad but claims to be as good as", _with all that implies_.

--
Richard Herring

From: Paulo Marques on 27 Jan 2010 10:54

Vanessa wrote:
> On Jan 27, 8:59 pm, Paulo Marques <pmarq...(a)grupopie.com> wrote:
>> So, all the file transformations and key transformations, etc., are
>> pretty much pointless and just show that whoever designed this product
>> doesn't understand cryptography at all.
>
> The "Secret Code", "Secret File", "Key Modification", and "Password"
> are unknown to the attacker? How can the attacker reproduce them?

You seem to be arguing under the assumption (that many people make, btw) that if a software author doesn't disclose something about its internals, then it is "secret".

This is very, very, very far from the truth. If the algorithm is being used in the software, then it is as good as public. Any decent cracker can open the software and check the algorithms. It might increase slightly the work that has to be done, but that's just it, a slight nuisance.

Just watch this video to get an idea of how this works:

http://hexblog.com/decompilation/video/vd1.html

or this video (longer):

http://www.ccso.com/files/hexraysdemo.swf

So, from all of the above, if the attacker steals your laptop and the secret file is there, the only thing that stands between him and the plain text is your password.

> People here are very good in theories. I hope you will grow in your
> career. The world needs people like you.
> Thank you so much for your time.

You're welcome :)

As long as people are honest about their intentions, and are really looking to understand how cryptography works, I don't mind using a few minutes of my time to help out.

--
Paulo Marques - www.grupopie.com

"I used to be indecisive, but now I'm not so sure."

From: Noob on 27 Jan 2010 11:54

Vanessa wrote:
> "Knowing the exact details"? The person who gave a verdict of
> being a BS to the software does not even know how to use it.
> He does not know what he is talking about at the time he issued
> his comments. Don't you know that you cannot judge a book by
> its cover? So do not call a software a BS if you do not know much
> about it.

Are you done astroturfing yet ???

From: john on 27 Jan 2010 15:39

>
> Whether it's an "irreversible transformation" is irrelevant. What
> matters is whether the resulting key stream is a random sequence. If it
> isn't, you can extract information about the plaintext *without knowing
> the key*.
>

- Shannon really has been so successful to get an "extremely die hard" disciple of perfect randomness obsession. You're a legend Shannon! 'fortunately, Shannon didn't set up his own "religion of perfect randomness".

From: Gordon Burditt on 27 Jan 2010 16:16

>> Let me try to be clearer. The process you described is:
>>
>> PlainText (PT) -> [box of deterministic algorithms] ->
>>   transformed text (TT) -> [transform with secret file + password] ->
>>     cypher text (CT)
>>
>> Correct?

No, not really, he's left out a lot of pieces of the key which also enter into the computation, although if you change "transform with secret file + password" to "transform with all the weird pieces of the key", I think that's what's intended.

>Correct, but you should know that "Password" is not the only protection
>you can implement.

Please generate an IOTP key and post it here. You don't have to ever *USE* the key. You seem to be desperately avoiding including the "optional protections" as part of the key, when you should include them (It makes your argument stronger). The key includes all of the "optional protections" you may or may not use (specifically state that you don't use one if that's the case) if that's required to be known by the recipient in order to decrypt the message (using the ciphertext, his own downloaded copy of the program, and the key, and no other shared secret information). I suggest using all the optional features to show off how jinormous the key can be.

The attacker is assumed to have captured the ciphertext, have his own downloaded copy of the program (and he's presumably disassembled it and figured out the algorithm it uses), and have none of the parts of the key.

People seem to be jumping on the fact that "optional protections" are not disclosed when they're really part of the key. Imagine if the key to decrypt a message was:

    The password is "jlj3l5klj4byh9h4eo2ht94yhouhqfo2hiu4y6uihkjvhi2".
    Lift the toilet seat, but don't put anything in the toilet.
    Use the file /vmunix on your computer concatenated with the archive of spam emails from 1997.
    Turn off the porch light.
    Set the television to channel 3, but turn it off.
    Don't wipe your nose.
    Do wipe your left thumb.
    Face Northeast.
    Shave the left side of your face only.
    The launch code is "CPE1704TKS".
    The secret holiday is "Barak Obama's Kindergarten Graduation".
    The insect of the day is the "Madagascar Pissing Cockroach".

and if you get any one or more of these wrong, the message won't decrypt properly. That may be a bit less conventional than using a bit string as a key, but it can work just as well.
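
The point of the post above, that a key made of many odd pieces is still just a key, shown as an added example (not part of the thread and not the code of the product under discussion): each piece is length-prefixed and the result is stretched with PBKDF2 into one bit string, so a single wrong piece gives an unrelated key. The component names, the salt and the file bytes are constructed for the demo; the password and launch code strings are the ones quoted in the post.

```python
import hashlib
import struct

def encode_components(components):
    """Serialize {name: bytes} with a 4-byte length before every field,
    so component boundaries cannot shift without changing the output."""
    out = bytearray()
    for name in sorted(components):
        for field in (name.encode("utf-8"), components[name]):
            out += struct.pack(">I", len(field)) + field
    return bytes(out)

def naive_concat(components):
    """Plain concatenation of the values: ambiguous, shown only for contrast."""
    return b"".join(components[name] for name in sorted(components))

def derive_key(components, salt, iterations=100_000):
    """Stretch the encoded components into one 256-bit key (PBKDF2-HMAC-SHA256)."""
    encoded = encode_components(components)
    return hashlib.pbkdf2_hmac("sha256", encoded, salt, iterations, dklen=32)

# Constructed demo values (assumptions, not taken from any real product).
SALT = b"constructed-demo-salt"  # real use: random, stored beside the ciphertext
KEY_PARTS = {
    "password": b"jlj3l5klj4byh9h4eo2ht94yhouhqfo2hiu4y6uihkjvhi2",
    "secret_file": b"\x00\x01constructed file bytes\xff",
    "launch_code": b"CPE1704TKS",
}

def one_part_wrong():
    """Same key parts with the last character of one component changed."""
    wrong = dict(KEY_PARTS, launch_code=b"CPE1704TKT")
    return derive_key(wrong, SALT)

if __name__ == "__main__":
    print("key       :", derive_key(KEY_PARTS, SALT).hex())
    print("one wrong :", one_part_wrong().hex())
    a = {"p1": b"ab", "p2": b"c"}
    b = {"p1": b"a", "p2": b"bc"}
    print("naive collides  :", naive_concat(a) == naive_concat(b))
    print("encoded collides:", encode_components(a) == encode_components(b))
```

The derived key is only as unpredictable as the parts the attacker does not hold; the encoding and the KDF are assumed public, as the thread assumes of any algorithm shipped in software.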