From: Peter Fairbrother on 26 Jan 2010 13:50

Paulo Marques wrote:
> rossum wrote:
>> On Tue, 26 Jan 2010 04:39:30 -0800 (PST), john <penetratorv(a)yahoo.com>
>> wrote:
>>
>>> - To be honest with you dude "unicity distance" is now meaningless
>>> IMHO..
>> Fine, then please crack my own unbreakable code. Here is a sample of
>> cyphertext for you: 5A
>>
>> That is a single byte of cyphertext expressed in hex. Since unicity
>> is "meaningless" you should be able to decrypt it.
>
> Oh, oh, let me try: it's an 'R', no wait, it's an 'A', no... Hummm, can
> I have 256 attempts?
>
> :)
>

No. it's "supercalifragilisticexpialidocious".

Or "squeamish ossifrage" if I turn my codebook upside down.

:-P

--
Peter Fairbrother

From: Paulo Marques on 26 Jan 2010 13:52

vanessavertudez(a)yahoo.com wrote:
> On Jan 27, 1:33 am, Paulo Marques <pmarq...(a)grupopie.com> wrote:
>> vanessavertu...(a)yahoo.com wrote:
>>> [...]
>>> Okay, I will discuss here how Infinite One-Time Pad works according
>>> to available references. This may not be accurate as I may be missing
>>> something but generally it goes like this.
>> Since you seem to be honest and not trolling, I'll try to explain why
>> this doesn't work.

You're starting to prove me wrong with this last post.... :(

>>> The PLAIN text is compressed and encoded using series of algorithms.
>>> Let's now call it "Transformed Text".
>> This transformation doesn't involve any kind of encryption with a secret
>> key. So, if an attacker wants to test some key, it can try it and run the
>> reverse transformation over the obtained text and see if that works.
>
> That is not possible since the "transformed text" is no longer
> available once the "transformed key" is applied.
>[...]
> Foremost, that is not possible since the "transformed text" is not
> available after applying the key. Even if the "transformed text" is
> exposed, the zipping codes you are saying such as "PK" no
> longer exist since it is encoded using series of algorithms.

Let me try to be clearer. The process you described is:

PlainText (PT) -> [box of deterministic algorithms] -> transformed text (TT) -> [transform with secret file + password] -> cypher text (CT)

Correct?

So, now I'm an attacker. I have CT, and want PT. Imagine that I can grab hold of the secret file, and am trying out passwords to see if any of them works.

So if I want to try password P, I take CT -> [reverse transformation using secret file + P] -> TT.

Now I need to check if TT is correct or not. You simply need to run: TT -> [reverse box of deterministic algorithms] -> PT and test the resulting PT to see if it is a valid plaintext.

So the [box of deterministic algorithms] doesn't help at all. And when I say that it might even make it worse, is because the reverse transformation might fail for some TT's which can be immediately perceived by the attacker as a "wrong password", without even needing to check the actual plaintext.

>>> Now, the key is extracted from a secret file of your choice and
>>> again it is filtered and encoded
>> The point here is key distribution: if you need to send your encrypted
>> file to someone you need to also send the "secret file". At this point,
>> is not secret anymore.
>
> There is no problem sending the "Secret File". It can be pre-arranged.
> It could be that the file is already with him.

That is exactly the problem! If you have one algorithm, where Bob can send the public key in the clear to Alice and keep the private key private, and receive an encrypted file from Alice that only he can decrypt, why should you use a worse algorithm that forces you to "pre-arrange" the keys over a secure channel?

>>> and you have a chance to insert any word or characters at any location
>>> to modify it further. If you type a password, each character of the
>>> password re-encodes the modified key. Let's call the result as "Transformed
>>> Key".
>> This is not very different from key strengthening. It is just slightly
>> worse than any other algorithm out there.
>
> You have no basis of saying that.

Of course I have. In typical key strengthening algorithms you take the user-readable password and re-hash it N times. You can select that N as a trade-off between speed and strength. This way you have a real measure of the strengthening effort.

"each character of the password re-encodes the modified key" sounds very weak, because with small passwords you'll just have very few modifications.

>>> I CHALLENGE EVERYONE to present a solution on how to attack
>>> the ciphertext. You can find available "cryptanalysis" techniques here
>>> http://en.wikipedia.org/wiki/Cryptanalysis. Study the attacks then
>>> show how it could be used against Infinite One-Time Pad's
>>> ciphertext at least logically.
>> You're talking to the crowd that wrote that wikipedia page, so you get
>> no points for insulting everyone.
>
> It is not an insult. It is a challenge.

The insult part is the "go read it and learn". Many people here know very well all the theory that is explained in Wikipedia. Even more, Wikipedia just has mostly the basics. If you're serious about cryptography you really need to at least read a few books.

> If somebody is successful, then it
> could be published on wiki. The technique will be seen by the
> community and would be a good educational material.

Are you going to pay for my time?

> Who knows somebody can invent a new cryptanalytic
> method for this kind of encryption technique.

There is nothing new here, just gibberish.

>> If you compare that algorithm with something like GnuPG (for instance),
>> you'll notice how key distribution is much easier and secure with GnuPG
>> (and free).
>
> How did you know? Do you know the algorithms used in Infinite
> One-Time Pad?

I know because GnuPG is a public key algorithm, as opposed to a symmetric key algorithm like this one. Key distribution must be harder as a direct consequence.

Even the name "Infinite One-Time Pad" sounds like snake oil. Anyone here can tell you that.

Anyway, consider this my last effort to explain this. If you still can't get it, then I'll consider that you're just trolling like john.

--
Paulo Marques - www.grupopie.com

"Prediction is hard. Especially of the future."
Niels Bohr

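The password-trial argument in the post above, as an added example that is not part of the original thread and is not IOTP's actual algorithm. The toy cipher is assumed for illustration: zlib stands in for the box of deterministic algorithms, a PBKDF2-derived XOR keystream stands in for the secret file + password transform, and the secret file contents, plaintext and candidate passwords are constructed.

```python
import hashlib
import zlib

SECRET_FILE = b"constructed stand-in for the pre-arranged secret file" * 4
N = 1000  # key-strengthening iterations: the tunable cost of each guess


def keystream(password: str, length: int) -> bytes:
    """Derive a keystream from secret file + password (toy construction)."""
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), SECRET_FILE, N)
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))


def encrypt(plaintext: bytes, password: str) -> bytes:
    tt = zlib.compress(plaintext)                 # PT -> [deterministic box] -> TT
    return xor(tt, keystream(password, len(tt)))  # TT -> [keyed transform] -> CT


def try_password(ct: bytes, password: str):
    """Return PT if the guess survives the reverse box, else None."""
    tt = xor(ct, keystream(password, len(ct)))    # CT -> candidate TT
    try:
        return zlib.decompress(tt)                # reverse box rejects bad TT
    except zlib.error:
        return None                               # reads as "wrong password"


def search(ct: bytes, candidates):
    """Return (password, plaintext) pairs that the reverse box accepts."""
    results = [(p, try_password(ct, p)) for p in candidates]
    return [(p, pt) for p, pt in results if pt is not None]


# Constructed sample message and candidate list.
CT = encrypt(b"attack at dawn, bring the codebook", "tulip")
CANDIDATES = ["rose", "daisy", "tulip", "orchid", "lily"]

if __name__ == "__main__":
    print(search(CT, CANDIDATES))
```

Raising N makes each guess more expensive, which is the measurable strengthening effort the post refers to; it does not stop the reverse box from flagging wrong guesses.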
From: Bruce Stephens on 26 Jan 2010 14:33

vanessavertudez(a)yahoo.com writes:
> On Jan 27, 1:33 am, Paulo Marques <pmarq...(a)grupopie.com> wrote:

[...]

>> If you compare that algorithm with something like GnuPG (for instance),
>> you'll notice how key distribution is much easier and secure with GnuPG
>> (and free).
>
> How did you know? Do you know the algorithms used in Infinite
> One-Time Pad?

Because GnuPG offers asymmetric algorithms, and IOTP doesn't.

[...]

From: unruh on 26 Jan 2010 14:36

On 2010-01-26, john <penetratorv(a)yahoo.com> wrote:
>>
>> >vanessavertu...(a)yahoo.com wrote:
>> >> [...]
>> >> Okay, I will discuss here how Infinite One-Time Pad works according
>> >> to available references. This may not be accurate as I may be missing
>> >> something but generally it goes like this.
>>
>> >Since you seem to be honest and not trolling,
>>
>> And for someone with zero posting history before today, it's very brave
>> of her to start in this newsgroup ;-/
>>
>> --
>> Richard Herring
>
> - BTW I also got zero posting history prior to my recent post which
> was immediately insulted - but it's fine, this is your newsgroup
> anyway.. I'm only protecting my favourite item in my collection (the
> BS as they say without basis). ... I'm just giving my point to the
> iotp... anyway there's nothing sensible against it so far... I still
> stick to IOTP - the unbreakable!

What you do with your own stuff is your business. It is when you start to advise others that total lack of knowledge of cryptography begins to be displayed.

Crypto is different from almost all other products, in that the consumer cannot see whether or not the crypto really works. Even totally shoddy products look like they work (in goes text, out comes gibberish). And if it does not work, you are liable not to know it (your enemies will not advertise that they have broken your crypto.) Then it becomes even more important that you rely on people who really know, understand and practice crypto-- breaking and creation-- and you are always far far better off relying on well known and studied systems than fly-by-night systems.

Now I doubt that you have anything very important that anyone wants to steal, and if you do, it is you that will suffer the consequences of your ignorance and pig-headedness-- and whoever relies on your advice.

From: john on 26 Jan 2010 18:52

On Jan 26, 7:36 pm, unruh <un...(a)wormhole.physics.ubc.ca> wrote:
> On 2010-01-26, john <penetrat...(a)yahoo.com> wrote:
>
> >> >vanessavertu...(a)yahoo.com wrote:
> >> >> [...]
> >> >> Okay, I will discuss here how Infinite One-Time Pad works according
> >> >> to available references. This may not be accurate as I may be missing
> >> >> something but generally it goes like this.
>
> >> >Since you seem to be honest and not trolling,
>
> >> And for someone with zero posting history before today, it's very brave
> >> of her to start in this newsgroup ;-/
>
> >> Richard Herring
>
> > - BTW I also got zero posting history prior to my recent post which
> > was immediately insulted - but it's fine, this is your newsgroup
> > anyway.. I'm only protecting my favourite item in my collection (the
> > BS as they say without basis). ... I'm just giving my point to the
> > iotp... anyway there's nothing sensible against it so far... I still
> > stick to IOTP - the unbreakable!
>
> What you do with your own stuff is your business. It is when you start
> to advise others that total lack of knowledge of cryptography begins to
> be displayed.

- I've no intention to advise others as I don't have the capability to do so, I only stick to iotp topic that's all, no more no less... If I'd advised somebody - that was when I asked them to try the iotp themselves before their BS verdict. ......

On the display of lack of cryptography knowledge: Have you really seen such a so-called display in the process? or you've seen it just before that display (prejudice)? Considering I indeed lack of the very least knowledge of cryptography why you can just prove things to me in the very first place then - period. All I can see is prejudice and rubbish explanation/conclusion not worth a penny - oh, it's just now when vanessa(?) entered the forum that things are becoming a bit sensible (though arrogance still exists)... for time being.

BTW in a user's point of view, there's no need to familiarize the skeleton if the result is obvious and I as a user rely on the result. I don't need to learn the technical blueprint of a thing where I can see "concretely" its capability otherwise, I won't be using my tractor without knowing its blueprint as it may jump and drop me off in the air.

On Paulo: I'm not trolling dude just because I disagree with your concept,...

To all of you, as it seems you're a circle of gentlemen with a common concept - my sincere Apology if I've scratched your egos... I appreciate your deep knowledge on your own cup of tea, although I'm not a high flying cryptographer but merely a normal user, I can still sense that something is just not right (at least in a certain thing) like giving a verdict to an untested item - nothing less than making a conclusion without examination - driven merely by hypothesis usually derived from a closed concept.