Infinite One-Time Pad, is this product BS?
in [Cryptography]
|
Prev: Certificates
Next: Q: Kerchhoffs' principle
From: Paulo Marques on 26 Jan 2010 12:42 rossum wrote: > On Tue, 26 Jan 2010 04:39:30 -0800 (PST), john <penetratorv(a)yahoo.com> > wrote: > >> - To be honest with you dude "unicity distance" is now meaningless >> IMHO.. > Fine, then please crack my own unbreakable code. Here is a sample of > cyphertext for you: 5A > > That is a single byte of cyphertext expressed in hex. Since unicity > is "meaningless" you should be able to decrypt it. Oh, oh, let me try: it's an 'R', no wait, it's an 'A', no... Hummm, can I have 256 attempts? :) -- Paulo Marques - www.grupopie.com "Every drive dies; not every drive really lives." -- Braveheart meets 21st century technology. :^)
From: Richard Herring on 26 Jan 2010 12:45 In message <i9qdnaB-O5v7usLWnZ2dnUVZ8sxi4p2d(a)novis.pt>, Paulo Marques <pmarques(a)grupopie.com> writes >vanessavertudez(a)yahoo.com wrote: >> [...] >> Okay, I will discuss here how Infinite One-Time Pad works according >> to available references. This may not be accurate as I may be missing >> something but generally it goes like this. > >Since you seem to be honest and not trolling, And for someone with zero posting history before today, it's very brave of her to start in this newsgroup ;-/ -- Richard Herring
From: vanessavertudez on 26 Jan 2010 13:01 On Jan 27, 1:33 am, Paulo Marques <pmarq...(a)grupopie.com> wrote: > vanessavertu...(a)yahoo.com wrote: > > [...] > > Okay, I will discuss here how Infinite One-Time Pad works according > > to available references. This may not be accurate as I may be missing > > something but generally it goes like this. > > Since you seem to be honest and not trolling, I'll try to explain why > this doesn't work. > > > The PLAIN text is compressed and encoded using series of algorithms. > > Let's now call it "Transformed Text". > > This transformation doesn't involve any kind of encryption with a secret > key. So, if an attacker want to test some key, it can try it and run the > reverse transformation over the obtained text and see if that works. That is not possible since the "transformed text" is no longer available once the "transformed key" is applied. > > In fact, this transformed text can be even easier to attack than the > original text. Let me give you an example: imagine that your > transformation consisted of Zip'ing the files you want to encrypt. Now > the attacker knows that the "transformed text" always start with the > string "PK" (and other zip structure details) and doesn't even need to > run the reverse transformation to find the actual plaintext to know if a > key works or not. Foremost, that is not possible since the "transformed text" is not available after applying the key. Even if the "transformed text" is exposed, the zipping codes you are saying such as "PK" no longer exist since it is encoded using series of algorithms. > > > Now, the key is extracted from a secret file of your choice and > > again it is filtered and encoded > > The point here is key distribution: if you need to send your encrypted > file to someone you need to also send the "secret file". At this point, > is not secret anymore. > > There is no problem sending the "Secret File". It can be pre-arranged. It could be that the file is already with him. > > > and you have a chance to insert any word or characters at any location > > to modify it further. If you type a password, each character of the > password > > re-encodes the modified key. Let's call the result as "Transformed > > Key". > > This is not very different from key strengthening. It is just slightly > worse than any other algorithm out there. > You have no basis of saying that. > > Finally, the "Transformed Key" is applied to the "Transformed Text". > > Duh, > > > I CHALLENGE EVERYONE to present a solution on how to attack > > the ciphertext. You can find available "cryptanalysis" techniques here > >http://en.wikipedia.org/wiki/Cryptanalysis. Study the attacks then > > show how it could be used against Infinite One-Time Pad's > > ciphertext at least logically. > > You're talking to the crowd that wrote that wikipedia page, so you get > no points for insulting everyone. It is not an insult. It is a challenge. If somebody is successful, then it could be published on wiki. The technique will be seen by the community and would be a good educational material. Who knows somebody can invent a new cryptanalytic method for this kind of encryption technique. > > If you compare that algorithm with something like GnuPG (for instance), > you'll notice how key distribution is much easier and secure with GnuPG > (and free). > How did you know? Do you know the algorithms used in Infinite One-Time Pad? > -- > Paulo Marques -www.grupopie.com > > "Feed the hungry, save the whales, free the mallocs!"
From: john on 26 Jan 2010 13:12 On Jan 26, 5:42 pm, Paulo Marques <pmarq...(a)grupopie.com> wrote: > rossum wrote: > > On Tue, 26 Jan 2010 04:39:30 -0800 (PST), john <penetrat...(a)yahoo.com> > > wrote: > > >> - To be honest with you dude "unicity distance" is now meaningless > >> IMHO.. > > Fine, then please crack my own unbreakable code. Here is a sample of > > cyphertext for you: 5A > > > That is a single byte of cyphertext expressed in hex. Since unicity > > is "meaningless" you should be able to decrypt it. - Of course I can't... firstly, I'm not a cracker and I've no time and patience to crack (I'm only a user and a fan of cryptography and I'll be much happier if you could send me your item for my cryptography collection)... secondly, I don't need to learn how to program with the 8080 microprocessor just to prove that PC's are better and the 8080 is now redundant... >
From: john on 26 Jan 2010 13:38
> > >vanessavertu...(a)yahoo.com wrote: > >> [...] > >> Okay, I will discuss here how Infinite One-Time Pad works according > >> to available references. This may not be accurate as I may be missing > >> something but generally it goes like this. > > >Since you seem to be honest and not trolling, > > And for someone with zero posting history before today, it's very brave > of her to start in this newsgroup ;-/ > > -- > Richard Herring - BTW I also got zero posting history prior to my recent post which was immediately insulted - but it's fine, this is your newsgroup anyway.. I'm only protecting my favourite item in my collection (the BS as they say without basis). ... I'm just giving my point to the iotp... anyway there's nothing sensible against it so far... I still stick to IOTP - the unbreakable! |