Domain: project-retrograde.com
Stories and comments across the archive that link to project-retrograde.com.
Comments · 7
-
re: Clearly...
if you ever develop any mechanism that allows end users to encrypt data in ways that nobody other than the intended recipient can decrypt, [...] then law enforcement will want to come after you.
Doesn't even have to be popular.
~W8sJZuq7 boCJv0Mcr Q4npxqWWb SPWEjkPie
csURjLyyc HKtz3QEDq 8oP6j0HrQ u6JyC4b_g
z2Jzf7Kav 3.tilpIRF FAQ_y0dSo ryS4xPmIU
u5gZ3kH2h ekOx5vnJl 71Xfatwso qEXFPG05U
nRSbAZRBA g37p8l7MN NIeE2_XCv 9nokyg_ND
fSMYPfWDr 3LVcUq916 osfEWSsXV DgHRgYS8u
atUHjkrwN 2I3ozXKH3 4fvV1vdq1 TIng05Fm.
bV8rXOR2S yiYSqUl8H _a1ELHDb9 fHGMadoW2
tf7jnCUC6 TqnOHzFDH 00Secret Key: hunter2
-
Re:Only Outlaws will Have Encryption
If ITAR is again applied to encryption then the US will stop being able to sell pretty much any technology overseas and most people in the US who aren't complete morons will just import hardware and software from free countries where encryption is allowed.
And those systems will wind up being used by our government -- complete with possible foreign backdoors.
Encryption is not rocket science. Here, have some of mine. It's a CBC protocol that uses any one-way hashing algorithm to create two-way cipher akin to the new hotness "Authenticated Encryption". Basically, the initialization vector is transmitted in the clear as the first block of data. It's discarded in the output, but serves the purpose of salting the HMAC with your key. The output is then used to encrypt the first block of data. The plain text of the first block (block0) is then fed into the hash algorithm to create HMAC( key, IV + block0 ) = key1, which encrypts the second block. The plain text of the second block (block1) is fed in to create: HMAC( key, IV + block0 + block1 ) = key2, and so on. To decrypt you need the secret key and the untampered initialization vector (which contains no data and is randomly generated each time). Then, each subsequent block requires the prior blocks to all have been decrypted correctly and untampered, otherwise they get scrambled. You can make this authenticated encryption by including a constant value at the end of the data stream. The implementation for text just detects that any change in the data makes the utf-8 encoding fucked to detect tampering.
It's a little more complex than that since I use a substitution table to thwart chosen plaintext attacks and building of rainbow tables based on the IV alone), not to mention key stretching. Bottom line, though: Any one-way hashing function is now a crypo function. If you outlaw end to end encryption you must now also outlaw all authenticity checking.
-
Re:Privacy is a civil liberty, Jeb
That sounds like a threat... "If you make encryption, we won't bother with protecting civil liberties any more."
Well, considering we don't need them to "protect" our civil liberties thanks to the 2nd amendment, have some "new" encryption I've created.
Spaces can be added to work around the stupid wordfilter. Leave the key empty to decipher:
~3p_ES C7SrJqU ljjK2y _U3x9a 0daJ HVi9L 2Ri.O jUm .NsQLZx 7Ac5geK 4FL fg9as
x6lecS wlZDj 1L38y Pduho LQ6HeaTq pVCE4u kR oBo9Nt ZcseeJl3 o6HJ wCfG4D YbUlZ4UIf that was a "threat", let's hope they promise to keep up their end of the deal.
This cipher is a cyclic block chain designed to work with hashing functions. One can upgrade the algorithm by dropping in any hashing function, which is then converted from a one way hash into a two way cipher. The key is HMAC'd and stretched then each block is encrypted with the digest of all prior plaintext up to that point. This doesn't require recomputing the hash for the entire input length since one can clone a hashing function just before performing its final digest rounds. Stories like TFA just make me dedicate my break time to performing my next crypto trick: Adding memory hardness to the cipher.
The common wisdom of "don't create your own ciphers" is dumb. That just allows creation of single points of failure. Study some basic crypto, it's quite easy, then learn how to string together crypto primitives to create secure custom ciphers. Consider that each new cipher requires man hours to write a brute force cracker for, not to mention the cryptanalysis time per cipher to possibly improve such brute force attacks. The more ciphers that exist the more secure we all are. If I can do it, nothing is stopping any "terrorist" or criminal from doing so. Thus, laws that prevent encryption do not make law enforcement's job any easier, it only makes life for civilians harder and less secure.
When it comes to laws against things, encryption is a totally different beast: If you outlaw encryption, only outlaws will make up your citizenry.
-
Good Luck with that! Strong Crypto is EASY!
Did you know anyone can create their own very strong cipher by constructing it with established crypto primitives? Contrary to popular belief "don't roll your own" is NOT good advice. That creates what we real security researchers call a "single point of failure", due to everyone using the same crypto suites.
in this CBC system we use SHA-1 and HMAC to create key expansion with key stretching. Then a random initialization vector is perpended as the first block, and the block is hashed with the SHA-1 then XORed with the next plaintext block. The IV + plaintext block is fed into a SHA-1 hash which then XORs the second block of plaintext. The third block is XORed with the hash( IV + plain1, plain2 ). The fourth block is XORed with the hash( IV + plain1 + plain2 + plain3 ), etc. Though the public version is SHA-1 (which is still fine for this, don't buy the FUD), I can drop in a SHA256, SHA3, or any hashing function to "upgrade" the cipher. The internal hash state is cloned before performing the digest for each block so it can continue to add plaintext and thus runs in O( n ) time not O( n! ) as it seems.
Decryption requires that each prior block's input not be modified. The deciphered block is fed into the hash and its digest decrypts the next block. Thus, turning any "1-way" hash into a 2 way stream cipher, and even if you encrypt the same message with the same key, you never get the same output due to the random init vector (browsers have crap random number generator, so user input & timing is hashed to supply the randomness). A full SHA-1 hash round per block is stronger than most stream ciphers provide today, and still runs very quickly. This also avoids chosen plaintext attacks.
This is a simple form of keyed "authenticated encryption", which is the new hotness in crypto ciphers. Such homebrewed systems were developed over a decade before the mainstream crypto community was even working on such things (the original version used MD5 in 1992). You can construct crypto from any pseudo random number generator, the stronger the better. This is made all the more difficult to crack since there's no dedicated hardware or software created to crack it -- Just being a new configuration means it requires more manpower to develop the cracking tools. Imagine not knowing what cipher it is as being part of the bit-strength of the cipher. Everyone who needs strong crypto should just roll their own, and let the powers that be spin their wheels trying to break crypto with the wrong tools.
Dasvidaniya NSA SJWs.
-
Re:Terrible name considering...
The first thing I though of was the http://en.wikipedia.org/wiki/Blink_element/ I can only imagine how much easier it will be for Google to track us via a custom HTML and extensions it implements...
Which is doubly odd, because I just recently used the forbidden <blink> element once, in all my years of development, to create a blinking terminal-like cursor for a few quick one-off temporary landing pages (excerpts from my old text based BBS game).
Firefox actually renders the "cursor" blinking... Guess which browser doesn't? Chrome.
-
The new Ubuntu was the best thing to happen to me!
After trying to use the beta, and now release, and after months of fighting Unity in the the prior versions: I got so fed up that I actually started creating my own OS from scratch! Well, from Assembly... Initially anyway.
First I made a Hex editor for RAM (in under 446 bytes) that can call into the edited memory. I wrote that to a USB drive, plugged it into a spare computer which is now Dev Machine Zero. After booting the MBR hex editor I created a "Save RAM Segment to Disk" by manually inputting binary op codes (machine code). Once I could save my work from RAM to disk, I began work on a simple 2 stage chaining boot loader -- It already lets me multi-boot and supports my extensible hash-based encryption, which I use for signing/decrypting the 2nd stage loader and primordial kernel. As soon as I'm done implementing keyed SHA3 I'll use it to support full drive encryption at boot. It been little over a week of evenings and my bootstrap loader now replaces GRUB on all my systems. I'm also about 1/4th of the way through my new assembler language (it's currently a subset of 8086 only); When it's done I'll extend the Assembler using itself to support macros and finally begin bootstrapping myself into a compiler for a higher level language, like C (or maybe a C-ish lang of my own design).
I sometimes do low level work on custom embedded systems programming, so I know a bit about OS development / design. I could use a cross compiler and/or a VM in a host OS, but I where's the fun in that? Besides, I can PROVE my bootstrap and compiler process didn't inject any back doors (as in Ken Thompson's Trusting Trust). There simply was no room for back-doors; I can "trust no one" because every last byte is accounted for.
It's been forever since I wrote any Real Mode code; Ah fond memories: Outputting MOD files to the PC speaker, low res 320x200 256c graphics, direct disk IO, 640K + "High Memory"... I'll almost be sad to make the switch into Protected Mode and write the device drivers & file systems.
Well, Thanks Ubuntu! I've had this idea for an Agent oriented OS kicking around for a while -- If it weren't for your usability failures pushing my frustrations over the edge I would still just be thinking, "Any idiot could do better than this!" instead of actually giving it a shot. Also, to all those "why re-invent the wheel" types: When's the last time you saw a wagon wheel on a sports car, eh?
I'm still a loyal NetBSD & Slackware luser, but screw Ubuntu. I still have to use Ubuntu for testing packaging of my other projects, but instead of fighting the UI or glitches now I just take a deep breath, get a fresh cup of coffee and add a new feature to the only OS developed with my usability in mind.
-
It's not like encryption is hard to do...
I mean, if two parties have pre-shared a key phrase, then there's nothing they can do to prevent any "bad guys" from encrypting their data. I mean, this just makes it possible to spy on innocent citizens. Bad guys who blow shit up aren't going to care about violating a gods damned law about social sites they run.
>_< DERP!I created an algorithm that turns a one way hashing algorithm into a two way cipher via key expansion, HMAC, and Cypher Block Chaining. My fellow indie game devs and I use the Retrograde Cipher to exchange credentials related to our project (like our Youtube account password) on our forums. (Yes, it's open source and registered with the BIS, per requirement). If anyone gets access to our SQL database or private forum archives, they don't get all our other passwords in the posts with our encrypted blobs.
If I can invent an extensible encryption system just for grins, then what can the "bad guys" do?
So, what about bugging every house in the nation? I mean, do we still have the right to whisper in each other's ears?! If so, then I don't think any sort of online back-doors are going to help against anyone who really wants to secure their data. This is a very slippery slope.
Now, I'm required per export control regulations to provide the source code of my encryption algorithm at a specified address (the above address is the one registered) -- The source code is JavaScript (the horror!), but that means that I'm legally required to provide *this* encryption service to the world, not some changed version with a back door -- Even if I did put a back door in, I'd still be LEGALLY required to provide the old version too! There is NO WAY for me to insert a back door! If you encipher something with Retro Cipher, I can't decrypt it! Say you enciphered a message and posted it somewhere, like, on Faceblock or even in this very post. Tap as they might, it's not going to help anyone decipher the data without the secret key! Furthermore, you can download the code and run it locally. Post enciphered blobs all over the net and only your buddies with the secret key can read it. WHAT'S THE POINT OF TAPPING? All they'll really get is IP addresses to prove who sent what to whom (Thank gods for TOR), but that's already recorded elsewhere -- They don't need to do this.
I run a "social network" (an online forum), and I CAN'T COMPLY WITH THEIR DEMANDS, per US law. How the hell will Slashdot or Facecrook or Twanker change their code to decipher such enciphered blobs? If we Really wanted, we could be using PGP keys to encrypt our posts. Is that what they really want us to do?! Cryptography has already made Wire Tapping obsolete.
Here's a Retro Cipher sample:
cJTF22rC292_8d5hw-aTsCYefnY.40mum
Kh0G0xToPXIAJzAJynBPzg.0rnI5Tft6i
n05ftyYSKRlCowxAyZlIHgA5lb9XVFxQ
The secret key is: 1eyed-Kid