
Mailing List Logs for ShadowRN

Message no. 1
From: Gian-Paolo Musumeci <musumeci@***.LIS.UIUC.EDU>
Subject: Re: Mathematical proofs (Was: Re: Quantum cryptography -
Date: Tue, 9 Aug 1994 22:56:56 -0500
Proofs have been disproven before. Fair enough? Don't assume anything works.
Cryptography is very much a paranoia trip.
Message no. 2
From: Luke Kendall <luke@********.CANON.OZ.AU>
Subject: Re: Mathematical proofs (Was: Re: Quantum cryptography -
Date: Wed, 10 Aug 1994 14:06:17 +1000
Gian-Paolo Musumeci:

> Proofs have been disproven before. Fair enough?

No, not really. False proofs are very rare in mathematics, and don't
last long at all. You can trust this one, I promise.

> Don't assume anything works. Cryptography is very much a paranoia trip.

Evidently!

luke
Message no. 3
From: Stainless Steel Rat <ratinox@***.NEU.EDU>
Subject: Re: Mathematical proofs (Was: Re: Quantum cryptography -
Date: Wed, 10 Aug 1994 09:29:00 -0400
>>>>> "Gian-Paolo" == Gian-Paolo Musumeci <musumeci@***.LIS.UIUC.EDU> writes:

Gian-Paolo> Proofs have been disproven before. Fair enough? Don't assume
Gian-Paolo> anything works. Cryptography is very much a paranoia trip.

After taking this to private e-mail, I've discovered that the Vernam cipher
(the name threw me) is a one-time pad cipher (it's a cipher, because there
is a 1:1 relation between the cleartext and the ciphertext). The keys to an
OTP scheme are mathematically unbreakable as long as the numbers are truly
random. This is not to say that the scheme is unbreakable, just that a
mathematical attack to determine the key is futile. The proof is valid.

--
Rat <ratinox@***.neu.edu> |Stay away from them. They're dangerously
http://www.ccs.neu.edu/home/ratinox|volatile, and have a nasty tendency to
PGP Public Key: Ask for one today! |_not_ stay crispy in milk.
Message no. 4
From: Gian-Paolo Musumeci <musumeci@***.LIS.UIUC.EDU>
Subject: Re: Mathematical proofs (Was: Re: Quantum cryptography -
Date: Wed, 10 Aug 1994 10:00:50 -0500
Please reread the sentence "Don't assume anything works." The Vernam cipher
- same as any other OTP scheme - is only secure if the numerics are truly
random. If you have a true random number generator, congratulations, you have
just managed to do something computer programmers have been trying to do for
a long, long, long time. Seeds can be faked, sorry, so even the clock-cycles-
since-startup seed trick of Mathematica doesn't work here.

And in any case, brute-force decryption or cryptographic analysis works just as
well...
Message no. 5
From: Janne Jalkanen <jalkanen@*********.CERN.CH>
Subject: Re: Mathematical proofs (Was: Re: Quantum cryptography -
Date: Wed, 10 Aug 1994 17:24:02 +0200
On Wed, 10 Aug 1994, Gian-Paolo Musumeci wrote:

> Please reread the sentence "Don't assume anything works." The Vernam cipher
> - same as any other OTP scheme - is only secure if the numerics are truly
> random. If you have a true random number generator, congratulations, you have
> just managed to do something computer programmers have been trying to do for
> a long, long, long time. Seeds can be faked, sorry, so even the clock-cycles-
> since-startup seed trick of Mathematica doesn't work here.

Everything doesn't revolve around computers, you know ;) It is easy to
get true random data by for instance observing radioactive decay. No
problem there.

> And in any case, brute-force decryption or cryptographic analysis works just
> as well...

If the code is cleverly built, you can get ANYTHING out of a
one-time-pad. I am pretty sure that any standard methods wouldn't work.
(Please someone *show* me a technique that can be used against a one-time
pad effectively. Pointers to literature are also accepted... I'd love to
be wrong in this, but I'm afraid I cannot take a 'trust me there are
ways' as an answer ;)

Janne Jalkanen ///! For those who have to fight for it
jalkanen@******.cern.ch /// ! life has a flavor
Janne.Jalkanen@***.fi \\\/// ! the protected will never understand
-'Keep on going...' \XX/ ! (anonymous, Viet Nam, 1968)
Message no. 6
From: Gian-Paolo Musumeci <musumeci@***.LIS.UIUC.EDU>
Subject: Re: Mathematical proofs (Was: Re: Quantum cryptography -
Date: Wed, 10 Aug 1994 10:28:19 -0500
Effective techniques against OTP: a good cryptanalysis engine or brute force.
That's all I can recall right now.
Message no. 7
From: Stainless Steel Rat <ratinox@***.NEU.EDU>
Subject: Re: Mathematical proofs (Was: Re: Quantum cryptography -
Date: Wed, 10 Aug 1994 11:44:17 -0400
>>>>> "GP" == Gian-Paolo Musumeci <musumeci@***.LIS.UIUC.EDU> writes:

GP> Please reread the sentence "Don't assume anything works." The Vernam
GP> cipher - same as any other OTP scheme - is only secure if the numerics
GP> are truly random.

Which I've stated on several occasions.

GP> If you have a true random number generator, congratulations, you have
GP> just managed to do something computer programmers have been trying to
GP> do for a long, long, long time.

Observing radioactive decay, counting "cosmic ray" strikes over an area,
there are plenty of ways to generate truly random numbers without using
computers.

GP> And in any case, brute-force decryption or cryptographic analysis works
GP> just as well...

Neither works if the numbers are truly random. In the case of the brute
force attack, your key is the same length as the message itself, so even if
you have to run your algorithm on each individual character of the
ciphertext which is a lose because you can't ever tell you're successful
without breaking a significant chunk of the message. In the case of
conventional cryptanalysis there are no patterns to discover, so that
doesn't work either.

--
Rat <ratinox@***.neu.edu> |"'Regis Philbin?' Some kind of plant?"
http://www.ccs.neu.edu/home/ratinox|--Kwai Chang Caine
PGP Public Key: Ask for one today! |
Message no. 8
From: Adam Getchell <acgetche@****.UCDAVIS.EDU>
Subject: Re: Mathematical proofs (Was: Re: Quantum cryptography -
Date: Wed, 10 Aug 1994 09:27:54 -0700
On Tue, 9 Aug 1994, Gian-Paolo Musumeci wrote:

> Proofs have been disproven before. Fair enough? Don't assume anything works.
> Cryptography is very much a paranoia trip.

This particular proof has stood since the 1940's. Can you
disprove it, or cite something that can?

+-------------+---------------------------------------------------------------+
|Adam Getchell|acgetche@****.engr.ucdavis.edu | ez000270@*******.ucdavis.edu |
| acgetchell |"Invincibility is in oneself, vulnerability is in the opponent"|
+-------------+---------------------------------------------------------------+
Message no. 9
From: Hamish Laws <h_laws@**********.UTAS.EDU.AU>
Subject: Re: Mathematical proofs (Was: Re: Quantum cryptography -
Date: Thu, 11 Aug 1994 09:45:00 +0730
Gian-Paolo Musumeci writes
>Effective techniques against OTP: a good cryptanalysis engine or brute force.
>That's all I can recall right now.

I don't see how you can break any encoding system in which the key
is only ever used once and is based on random numbers. You get one
message which could be "We attack the enemy at dawn." or "Do you want fries
with that?"
How do you break it unless the pad is reused?


*************************************************
There has to be an optimist around here somewhere
*************************************************

Hamish Laws
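
The point made in the last message, as an added Python example that is not part of any poster's message: a single pad-encrypted ciphertext is consistent with every plaintext of the same length, and only a reused pad links two messages. The function names are constructed for illustration, and the OS CSPRNG stands in for a true random source.

```python
import secrets

P1 = b"We attack the enemy at dawn."
P2 = b"Do you want fries with that?"   # same length as P1 (28 bytes)


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (pad encrypt and decrypt are the same op)."""
    if len(a) != len(b):
        raise ValueError("pad and message must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The pad under which `ciphertext` decrypts to `candidate`.

    Such a pad exists for every candidate of the right length, so trying all
    pads yields every possible message and no way to tell which was sent.
    """
    return xor(ciphertext, candidate)


def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """With one pad used twice, c1 ^ c2 == p1 ^ p2: the pad cancels out."""
    return xor(c1, c2)


def demo() -> dict:
    pad = secrets.token_bytes(len(P1))      # assumption: CSPRNG in place of true randomness
    c1 = xor(P1, pad)

    # Single use: the "wrong" message is just as valid a decryption as the real one.
    fake_pad = pad_explaining(c1, P2)
    ambiguous = xor(c1, fake_pad) == P2 and xor(c1, pad) == P1

    # Reuse: a second message under the same pad ties the two plaintexts together.
    c2 = xor(P2, pad)
    leak = reuse_leak(c1, c2)
    recovered = xor(leak, P1)               # knowing or guessing P1 now gives P2
    return {"ambiguous": ambiguous,
            "leak_is_p1_xor_p2": leak == xor(P1, P2),
            "recovered": recovered}


if __name__ == "__main__":
    print(demo())
```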


Disclaimer

These messages were posted a long time ago on a mailing list far, far away. The copyright to their contents probably lies with the original authors of the individual messages, but since they were published in an electronic forum that anyone could subscribe to, and the logs were available to subscribers and most likely non-subscribers as well, it's felt that re-publishing them here is a kind of public service.