Open Source Mozilla Crypto Released
lunatik17 writes "NSS 3.1 Beta 1 has been released, including a new implementation of the RSA algorithm. This release provides, for the first time, a complete open-source implementation of the Netscape crypto libraries, and will be used in a future version of Personal Security Manager for Mozilla." This is the only significant feature I've found lacking in Mozilla.
Perhaps I am a bit confused, but not quite as you explained it....let me clarify.
I believed that RSA was ONLY a symmetric algorithm and that 128 bit had already been brute forced (I think it was obviously 64 bit I was thinking of) and hence I was saying 1024 bit as the sort of level at which you can think it will not be brute forced inside a generation (though it may become open due to a hole in the algorithm). I just remembered the EFF (wasn't it) building the old-tech cracking box for $100,000 and taking export strength encryption out in 9 secs? And I thought it was 128-bit in about 9 days (but it was probably 56-bit or 64-bit).
Just to note if I had been talking public key systems I think I would have gone with 4096 (and not 1024 as it is just too close to the breakable edge). Thanks for clarifying things though :-)
Never underestimate the dark side of the Source
Yeees, the FAQ was last updated on the 10th of this month - after the RSA early release. However, they're not very forthcoming about the legality of it all. They say;
"Now that the RSA patent is in the public domain, Mozilla crypto development can proceed with minimal restrictions"
Now, just what does "minimal" mean, coz they're a bit short on detail? What's the legal standing for us EU folks? You said;
"Is it just me or has the number of people posting to stories who have not looked at the content been increasing to a critical S/N ratio?"
Don't worry - it's just you!!
Slán,
Alison
"It is a miracle that curiosity survives formal education." - Albert Einstein
"minimal" means that you still have to exercise some due diligence to avoid having your software exported to a few "bad" countries such as Iraq and Libya. I'm not sure that this restriction even applies to Open Source software. When you think about it, the idea is pretty futile. All you need is some sort of FTP proxy server outside of the US and anywhere in the world can then get to your file archive.
World Beach List, my latest project.
RSA released the patent to public domain 2 weeks ago.
"Mary had a crypto key, she kept it in escrow, and everything that Mary said, the Feds were sure to know."
The RSA algorithm has been public knowledge for a long time, this is just the patent running out allowing anyone to implement the algorithm in their application. Any good encryption algorithm does not become less secure just because it's a known algorithm. Just look at DES, this has been a standard for 10+ years and it was always public knowledge.
Not necessarily "better encryption". It has just been around and under scrutiny for a longer time, so people have more faith that there really are no holes in it than in some newly developed algorithm.
The illegal we do immediately. The unconstitutional takes a little longer.
--Henry Kissinger
After the M18 builds came out, they stated that the focus is on the next release candidate, and that the builds would get slower (true) and probably buggier (not for me, so far).
Yep! This is my concern & the reason for my question. I'm a developer based in Ireland. So I download the NSS code & hack it into some other application. I then release the lot under the GPL, as required, and the app and source somehow ends up in a country that the US doesn't like. Am I liable?
(My guess is that I'm not. However, since DeCSS I'm not so sure anymore....)
Alison
"It is a miracle that curiosity survives formal education." - Albert Einstein
My apologies for not expanding on what "minimal" means. I'll update the FAQ to clarify this. Basically the remaining restrictions have to do with people in the U.S. not being able to "knowingly" export crypto code to a few countries (Iran, Iraq, etc.), together with requirements for mozilla.org to notify the US Bureau of Export Administration and NSA when new crypto code gets posted to the mozilla.org site.
Again, I'll update the FAQ to include a more complete explanation.
ok, now where do i start on this one. RSA is a government accepted commercial algorithm... Um...sorry...but i'd trust the open source community over the commercial/government alliance any day. yea, i know what you're going to say 'oh great, another conspiracy theorist'. whatever. with reports of things like echelon slipping out, i no longer entrust my privacy or security in the hands of the powers that be.
"sex on tv is bad, you might fall off..."
I lost my concept of community when my community lost all concept of me.
That's funny... seeing how all these people seem to be having trouble running mozilla on their machines.
I run Star Office 5.2, Mozilla, licq, xmms, 3 rxvts all at the same time.. with NO slow down.. and you know what my machine is?? A PoS!!!
350 K6-2, 64 MB RAM...running Debian woody.
I'm sorry but you people who can't run Mozilla BY ITSELF need a little help.
I'm surprised no one's mentioned that you already can read SSL pages in Mozilla, by installing the Personal Security Manager. It's an XP thingy, so you just need to start Mozilla with write privileges, then visit the website:
http://docs.iplanet.com/docs/manuals/psm/psm-mo
and click on the Install Personal Security Manager. Then you can do all your on-line banking and shopping and stuff. I've tried it on the latest nightly build and it works a charm.
NSS is not based on OpenSSL, it is derived from the first set of Netscape SSL libraries. SSLeay and OpenSSL have re-implemented what was in NSS (although with a different API) to provide the same functionality and interoperability. The good reason not to use OpenSSL is that they have written this software and have used it and have tailored the browser to use it long before it could have been released, along with the fact that the code is in C++, the same language as Mozilla. The code is secure enough, it is what Sun and Netscape use in their iPlanet servers and it is what you use right now in order to surf the web in a secure fashion under Netscape.
This is the only significant feature I've found lacking in Mozilla. How about having a session of pages rendered correctly without crashing? :)
- I don't care if they globalize against free speech. All my best free thoughts are done in my head.
Mozilla doesn't support java, nor does it support the Java 1.3 plugin.
I'm amazed how many people spout this sort of statement without testing their assertions. Just installed the Java 1.3 beta plugin on Mozilla build 2000091908 on my NT 4.0 SP6a workstation. No problems - works like a charm.
Cheers,
Toby Haynes
Anything I post is strictly my own thoughts and doesn't necessarily have anything to do with the opinions of IBM.
All right. I'll have to keep this in mind in the future.
----
ADVENTURERS! - ANTIHERO FOR HIRE - CARDMASTER CONFLICT
Actually, GPG/PGP support would be one of the worst things that could happen to Mozilla and the Net at large.
The reason: we already have a real, actual Internet standard for secure e-mail: S/MIME
Internet standards matter, folks! If you don't believe it, just ask Microsoft - they had to learn the lesson the hard way a few years ago, and barely moved fast enough to avoid oblivion. The Mozilla team show no such agility, sadly.
It was this about-face even more than their abuse of power that established them as the standard Internet platform in so much of the corporate world. Like it or not, Microsoft currently sticks to the important Internet standards better than the Netscape folks.
"The future's good and the present is nothing to sneeze at." - Roblimo's last
if you throw a quantum computer at any sort of modern encryption it will be cracked in an instant
Completely untrue and uninformed. If Quantum computers are one day able to make 1024 bit RSA keys "insecure", moving to 2048 or 4096 bit keys will almost surely still be secure. Quantum computers may possibly make things more inconvenient, but technology will also favor the users of cryptography, and allow them to use more powerful encryption. As qubits grow, so will key lengths.
"It's overkill, of course. But you can never have too much overkill." - Anonymous Slashdot Coward
How about this one:
:^)
12 Netscape windows
Xmms
gkrellm
GnomeCal
6 Gnome Terminals
Vmware
GnomeICU
Gaim
GTK-Napster
Netscape Mail
Gnome Weather
Gvim
gosh I'm tired of typing
# free
             total       used       free     shared    buffers     cached
Mem:        516664     506928       9736      99256      93204     301292
-/+ buffers/cache:     112432     404232
Swap:       272888       3328     269560
I downloaded the latest (as of 9/20/2000) and gtop now reports 153160k. Not a big improvement. Are your numbers coming from gtop?
-tim
There seems to be one slight point you are missing....every "secure" site out there (AFAIK) uses RSA encryption. We want apache and mozilla to be able to play with everyone else AS WELL as offering technically superior solutions.
Also while RSA has been cracked, the costs of cracking are still appreciable for correct strength encryption (i.e. not that 40 or 56 bit stuff the US government wanted to make all the terrorists use so they could read their communications). AFAIK if you use 1024 bit RSA encryption it is going to take millions of dollars years to break it and that is good enough for my email, even 128 bit encryption is going to take $100,000 a week or two to open. If you are sending data that could have someone willing to spend a fortune to gain access, the best thing to do is to invest a bit of time yourself into verifying the best route for transferring the data taking into account the entire process (key-exchange, route of couriers for possible ambush if any physical acts, tapped lines etc. etc.).
What this NSS is about is how to stop Joe Public's purchase of their T-shirt online from giving their credit card details to anyone who can packet sniff the route.
Never underestimate the dark side of the Source
I find it exceptionally fast, except when it forces my machine to swap, which it does too often for my liking. Speed doesn't seem to be the problem, memory usage is. The only other major quibble I have is with the ftp client. It's pretty poor compared to even the 4.x version. I only use 4.x for checking my bank details and other security related sites. Other than that I'm using Mozilla all day every day.
<sarcasm>If you don't count usability as a feature...</sarcasm>
Chelloveck
I give up on debugging. From now on, SIGSEGV is a feature.
Hear hear. I've been avoiding mentioning this also, since I hoped that it was just early code that was running more slowly, or as Pete says, it's the debugging code that's making the screen update slowly.
Of course, I recall that previous Netscape releases were often perceived as being a wee bit slower for some operations than the version I'd been using up to that point, but that after using the program for a short time, the difference wasn't as noticeable - especially since I've also upgraded computers over the years. But it boggles the mind to think of all of the performance decreases that programs like this have seen over the years, in favor of extra features that have been added, or the fact that more & more people have accelerated graphics cards that simply don't exhibit the slowness anymore.
Can you imagine how quickly Netscape 1.0 would render its pages on one of today's fast computers? Now that really boggles the mind!
- Mike
Er, you do know that they released their claim on RSA about two weeks before their patent was going to expire anyway?
The theory that they did it for PR reasons makes a lot more sense than your conspiracy theory.
/.
/. If the government wants us to respect the law, it should set a better example.
The fact that RSA released the RSA algorithm into the public domain two weeks before it would have become public domain anyway says very little about the security of RSA. In fact, RSA keys of 4096 bits are still very hard to crack, AFAIK.
And there are other encryption algorithms in use in open source software already, like Diffie-Hellman, another public key algorithm which is supported by NSS 3.1.
>Can you imagine how useless Netscape 1.0 would be on today's web? No JS, no https, no HTML 4.0, no CSS, etc.
JS - turned off except when I really need it, and those pages are slow as anything...
https - gotta have it
HTML 4.0 - well, I haven't seen all that much that makes me go wow... but Scraper 1.0 didn't support HTML 3 either, so there's the bigger loss.
no CSS - turned off... it's a waste so far, and Netscape doesn't do it right (neither does IE, though).
If you want to see what everything looks like with Netscape 1, and other old browsers, check out http://www.dejavu.org/ (note: JScript required)
--
"It's tough to be bilingual when you get hit in the head."
[...]I'm not an encryption expert,[...]
Obviously.
--K
Yeah, I know, IHBT.
---
No, NSS is based on the original SSL library that Netscape developed for Netscape Navigator 1.0 and subsequently enhanced through the years. NSS is independent of OpenSSL/SSLeay and (to my knowledge) doesn't have any code in common with it.
NSS is going to be included with Netscape 6 (as it was with Netscape Communicator 4.x), and Netscape (actually, iPlanet, the Sun/Netscape Alliance) donated the code for use with Mozilla as well; the iPlanet developers also created new code for the RSA algorithm and other crypto algorithms, to replace the code originally used, which was from the proprietary BSAFE crypto library created by RSA Security.
There's no reason in theory why OpenSSL couldn't be used with Mozilla as well, either as an alternative SSL implementation to NSS or just as a crypto library called by NSS; however no one has yet developed and released all the code necessary to make OpenSSL work with Mozilla. You should contact the OpenSSL developers for more information, as I don't have any special knowledge of what their plans are relating to Mozilla.
The actual algorithm has been available to anyone interested for as long as I can remember. In fact, it was taught to me in one of my second-year computer engineering courses. In fact, this website here gives you the math behind the algorithm:
http://world.std.com/~franl/crypto/rsa-guts.html
Basically, you give someone two numbers, E and (P*Q), which they use to encrypt your message. It can only be decrypted using a number which you have kept to yourself, D, and the base, (P*Q). The process of cracking a particular set of keys means factoring (P*Q) into P and Q, from which it is easy to calculate D from E, and thus decrypt a message. The challenge is in the factoring. Both P and Q are primes, and if they are 128bit numbers, it takes a lot of computational horsepower to do that. A fairly new encryption scheme is also available, using a public key method, called elliptic curve cryptography (ECC). With this method, the challenge is in solving discrete logarithms, much more difficult computationally than factoring primes.
It may look like I'm doing nothing, but I'm actively waiting for my problems to go away.
--Scott Adams
Another half feature that'll cause my browser to randomly crash at the worst time possible.
I'm just saying it's more difficult to crack a 'black box' encryption than one that you know EXACTLY how it works.
----
ADVENTURERS! - ANTIHERO FOR HIRE - CARDMASTER CONFLICT
In theory you can use any JVM with Mozilla. I haven't tried it myself, and don't know if the full support is there yet, but when it is, it'll be far more powerful than Netscape 4.x in this respect. The flash plugin works right now, in fact I was using it yesterday. Just download it and bung it in the plugins directory. Done job.
The web configurator you describe is already present in a simpler way with the installer program. You can choose which components you wish to install and it will download those only. It doesn't deal with plugins, but I see no reason why it shouldn't in the future.
I dunno - I ran nightlys all summer on a 500MHz Pentium III box running NT, and it ran rather nice. Whatever - I still don't use it for daily browsing, since random seg. faults get annoying. Right now, Mozilla crashes after about an hour of use due to seg. fault. Plus some of the QA options now read "bloat" so I'm wondering what they're thinking of these new features themselves.
You are in a maze of twisty little relative jumps, all alike.
The M18 nightlies seem to be making a lot of progress in terms of speed and memory usage. On my AMD K6-2 400 laptop, it's running relatively fast such that it's replaced Netscape 4.7 as my primary browser. The only time it really slows down is when it does a lot of swapping, which is too often (but that's what I get for only having 32Mb, trying to run it along with emacs and Gnome). I recently switched to the classic theme, and that seems to have improved things a bit.
The feature I really want, though, is native widgets. And plugins.
To get something done, a committee should consist of no more than three persons, two of them absent.
Most cryptographic algorithms used today are "open source." It's really nice that way because then the world can (and they will) comb through it looking for every possible loophole. Finding bugs only makes the code stronger.
I just really hope Mozilla tested this algorithm thoroughly before deciding to release it. Yes, it's RSA, but as they said - it's a "new implementation." That's the part that sends shivers down my spine.
--
...Now try running the textmode top. Press shift-M.
What you'll see is 6 separate threads each with a memory usage of 25-30meg.
Here's the important part: Each of those threads is using the _same_ 25-30meg chunk of memory. gtop adds them up, and it shouldn't.
Still, I would have to say that 25-30meg is still too big, but it is much more reasonable, and mozilla is, after all, still prerelease software.
* Stability
Needs work, I will say.
* Bookmarks manager
Mozilla has one.
* Working preferences dialog
Works for me, even if it's one of the slowest parts of the UI.
Among other things, the nightly builds are probably compiled with debugging information in them. IE is bound to be stripped down to a minimum.
Hey - it's September 20th. Don't some of the RSA patents run out today?? Co-incidental that the Mozilla stuff should be announced today.
So where does this leave the Mozilla SSL implementation? Is it now restriction-free, as I know the RSA patent expiration only refers to certain specific algorithms....
Alison
"It is a miracle that curiosity survives formal education." - Albert Einstein
That's nice. I'd like to know if there'll be a galeon version using it as not everybody has the amount of RAM you need to "use" Mozilla
they have one...its called pgp.....
use it...embrace it...love it.....
"sex on tv is bad, you might fall off..."
I lost my concept of community when my community lost all concept of me.
Just the words send shivers of delight down my spine... "open source crypto".
But really, it's great to have Mozilla developments like this. Go Netscape!
More importantly, because of the patent, it was released years ago. Remember, the tradeoff in filing a patent is that the government publishes it when you file. So, everyone and their sister has had access to RSA- it's in just about every encryption textbook, and has been widely discussed and tested (which is why the other poster can confidently discuss how long it takes to brute force it.) The original poster just doesn't have a clue, that's all.
~luge
IAAL,BIANLY
Uh ok where do I start on this one?
--- Justin Dearing http://www.justaprogrammer.net/ We're just programmers.
My knowledge of encryption is limited to a beat up copy of Applied Cryptography by my desk, but I think I can offer a bit of info, since you seem to not know very much about why RSA is in the public domain.
:)
RSA was a patented algorithm. The patent expires today. In an attempt to either defuse publicity surrounding the patent expiration or just be nice guys, depending on your opinion of the folks at RSA Data Security Inc, they released the algorithm into the public domain early. In any case, the algorithm is not some weak piece of crypto that has been cracked. IIRC, the various crypto challenges that have so far been put forth by RSADSI and been successfully completed involved at the highest a 129 digit number. RSA keys are between 512 and 2048 digits. This algorithm is used in a great many commercial products. It is used in PGP. And I'm pretty sure it is illegal to export without a license.
If RSA had a better public key algorithm, they would be selling that one, instead.
Eduardo Ramirez
Wir mussen wissen. Wir warden wissen. I am a wuss
Open sourcing makes very little difference, as the encrypted stuff is very hard to crack, even if you know the algorithm. Knowing the algorithm used doesn't get you very far, as you don't have the keys. RSA is very secure, provided you use big enough keys.
Can you imagine how useless Netscape 1.0 would be on today's web? No JS, no https, no HTML 4.0, no CSS, etc. Mozilla is huge because it attempts to follow all the standards and implement all the technologies, which have grown exponentially since the time of 1.0. If 1.0 had had to do all of that, it wouldn't have run at all.
Point being- don't get nostalgic. In this case, at least, it reeks of not knowing what is going on.
~luge
IAAL,BIANLY
The RSA algorithm has been public knowledge since it was developed. Its release (a few weeks in advance of the patent expiration) simply means people can use it without a license from RSA.
RSA has not been cracked. Some specific RSA keys of particular lengths (e.g., 512 bits) have been discovered. That's no big deal, since we already know roughly how much computational power it should take to crack a given key. And some weaknesses in particular implementations of RSA have been noted. But it's reasonably well understood how much (implementation-independent) security is provided by a given key length, and notwithstanding advances in factoring, that has stood up pretty well.
RSA may or may not have something better but top secret up their sleeves, but if so it hasn't been exposed to the scrutiny of the RSA algorithm. And the most likely areas for improvement are in computational efficiency and things like that, not in security per se.
As important a project as the Mozilla Project is, I honestly don't think that the press it's been getting in recent months has been helping the cause that much. Even though I know that it's a solid design and that when it does eventually come out, it'll be damn powerful, it's looking more and more like it's starting to catch the Daikatana Syndrome.
Remember way, way back when you first heard of Daikatana? Romero (and the community) was pimping that game well ahead of its ready date. At first, there was general excitement; I even remember a friend telling me that "It'll demolish Quake 2!" (To Romero's credit, Daikatana does indeed put Quake 2 to shame.) Of course, after the initial wave of interest, people quickly began to see that Daikatana was not only a ways from going gold, it had pretty substantial work left to be done. When the game finally did come out, it was already the big in-joke; the fact that there were still some nasty bugs and that the gameplay was only average only served to heighten the humiliation. Romero's "Quake 2 killer" had the distinct dishonor of poking an already pulverized corpse with a pointy stick.
Now, I know that Mozilla isn't on a corporate schedule, and I know that getting it done right is more important than getting it out the door fast. But honestly, How will it reflect on the Open Source Movement as a whole if, by the time the first full version of Mozilla is released, it ends up being the version 4 browser killer in a world of version 7 browsers? What happens if, heaven forfend, Mozilla turns out to be inferior to the commercially available browsers of the day?
On that note, I think that a little less front-page coverage would be a good thing for Mozilla, even here on Slashdot. Expectations are running perhaps a bit too high for a product that still has a fair way to go before release; even some of us geeks are starting to feel the least bit worried that the trumpets have been blaring a bit too loudly for a bit too long now...
Obliteracy: Words with explosions
Mozilla doesn't support java, nor does it support the Java 1.3 plugin. I find this considerably lacking.
Mozilla does support Java on Win32 (yuk!) - the implementation is not there yet on Linux. Mozilla doesn't wrap it up internally as Netscape 4.x did. Check out Project Blackwood for details on the implementation.
Mozilla should eventually come with a web configurator of sorts that would allow people to configure the browser before they download it.
That sounds vaguely possible, but it strikes me that it's easier to have that as something launched by the browser once you have downloaded it rather than by some packaging agent at the server.
As in, I want flash, java, and shockwave. I check them, and I download the browser with these things installed (be they plug-ins or otherwise).
I have no trouble running Flash in Mozilla. I haven't tried the latest Shockwave plugin. Mozilla has plugin-compatibility with Netscape plugins, so just set them up for Netscape and they work in Mozilla.
I doubt the plugin manufacturers would have much problem with this (unless they were Microsoft), and it could usher in a new wave of recent-java browsers.
There may be licensing problems with having all the plugins on one server - from what I see, most plugins are distributed from the creator's websites and not from, say, the Netscape plugin collection.
Cheers,
Toby Haynes
Anything I post is strictly my own thoughts and doesn't necessarily have anything to do with the opinions of IBM.
Shameless Plug! If you like trance, tell me what you think!!
I'm sorry, but this is completely clueless.
The reason RSA released their algorithm into the public domain (where it belonged from the very beginning) was that the patent would have expired a week later anyway. Once it expired, RSA would have been forced to release the algorithm into the public domain; this is the way all patents work (you're granted a legal monopoly on whatever is patented for a limited amount of time, up to seventeen years if you keep renewing the patent. In exchange for that monopoly, you must release the item being patented into the public domain once the patent expires).
Also, just because an algorithm is public doesn't mean it is not secure. In fact, all known and trusted algorithms are publicly well-known (many are also patented, so they can't actually be used without a license). This is done for precisely the same reason software is Open-Sourced: peer review. You want people to try and crack the algorithm, because only if people try their hardest and still can't break it is your algorithm really secure.
Also, as for RSA being cracked, while you are technically correct there's the fact that the crack only works on keys up to a certain, relatively small, length. Make your keys nice and long (1024 bits or more, if I remember right; keep in mind that's not even 0.2K) and the crack is useless.
So no, RSA's releasing of the algorithm is no indication whatsoever that it's not secure enough.
----------
I no longer entrust my privacy or security in the hands of the powers that be.
The RSA Algorithm has been around for a while. It's published and there are many implementations that you can see the source of. Now I'm against key escrow and government email sniffers, but I trust the RSA algorithm.
--- Justin Dearing http://www.justaprogrammer.net/ We're just programmers.
Is NSS based on OpenSSL? I read the web page and it isn't clear. Does the open source world really need yet another crypto library? OpenSSL has been around for several years now (although it was originally known as SSLeay, the eay for Eric A. Young, its first and primary author). It's reasonably stable and secure. I believe that stronghold was originally based on a combination of Apache and SSLeay, although I can't offer any references to back that up. If the dependencies in debian can be trusted, then OpenSSH (in the form of libssl0.9) is used by OpenSSH, the ssl enabled telnet stuff, some apache stuff, and other stuff.
Is this another example of reinventing the wheel? I hope that "a new implementation of the RSA algorithm" is just another way of saying that they're not using the libraries from RSADSA as opposed to saying that they've written another (mozilla-free) version of something that already exists (apache-free) as open source. What would a new implementation provide that wasn't there before?
Can anyone think of a good reason not to use the OpenSSL libraries? I sure would like to avoid code duplication, especially when it's going to suck up RAM on my computer. Even more especially when it's something as tricky and specialized as crypto code. And what's the point of having shared, dynamically linked libraries when everyone goes and writes their own version.
"To blow recursion, you must first blow recus
I think you're thinking of DES with the distributed.net challenge. IIRC there is an RSA challenge, but the one you mention is DES. 40bit RSA is very weak. 512bit RSA is within the realms of possibility of being cracked by a well financed Government - 1024 bits or more are really what you want to be using with RSA.
RSA gets its security because factoring numbers is "hard". However, with RSA an attack based on factoring is still much simpler than trying the brute force 'Try All The Keys' approach, hence the need for a much larger key to guarantee security.
G
More specifically if N=P*Q and 0x^3 mod N
Everyone knows N, but only you know P and Q. P and Q are prime and it's _very_ hard to find them from large N. Given a message encoded in this way you have precomputed a quantity D such that
3*D=1 mod (p-1)*(q-1)
From Euler's extension of Fermat's little theorem stating that
a^(tot(N))=1 mod N
whenever a is relatively prime to N. Here tot(N) is Euler's totient function, the number of integers less than N which are relatively prime to N. The condition that a be relatively prime to N can be dropped if we write
a^(tot(N)+1)=a mod N
and it can be shown that tot(N)=(P-1)*(Q-1) so 3D=1 mod(p-1)*(q-1) implies that
(x^3)^D=x^(3*D)=x^(1+m*(p-1)*(q-1)) mod N
for some m. A repeated application of Euler's theorem m times gives
(x^3)^D=x mod N
The security of the method depends on the fact that D is very difficult to compute from N. The number 3 is not magic, other exponents are possible.
Although you clearly know it, the original poster did not: With proper choice of N, this has only been "cracked" in the somewhat trivial sense that any public key system can be cracked: with enough computational power, you can determine the secret key from the private key. But increasing the key size makes things safe very quickly. (Of course, you have to do a good job coding this all up and choosing N---a non-trivial job).
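Added example, not part of the original thread: the exponent-3 scheme derived in the comment above, which is also the E, D, (P*Q) description from an earlier comment, written out in Python at toy sizes with no padding. The primes (11, 17, 257, 65537), the message 42 and all function names are constructed for illustration.

```python
"""Textbook RSA with public exponent 3 (toy sizes, no padding)."""
from math import gcd

E = 3  # the public exponent used in the comment's derivation


def make_key(p, q, e=E):
    """Return (n, e, d) for distinct primes p and q.

    d is the inverse of e modulo (p-1)*(q-1). It exists only when e shares
    no factor with that product, so unsuitable primes are rejected. This is
    one part of "choosing N" that an implementation has to get right.
    """
    if p == q:
        raise ValueError("p and q must be distinct")
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError(f"e={e} has no inverse mod {phi}; pick other primes")
    return p * q, e, pow(e, -1, phi)  # modular inverse needs Python 3.8+


def encrypt(x, n, e=E):
    """x -> x^e mod n, for a message in the range 0 <= x < n."""
    if not 0 <= x < n:
        raise ValueError("message must satisfy 0 <= x < n")
    return pow(x, e, n)


def decrypt(c, n, d):
    """(x^e)^d = x mod n, by the Euler argument in the comment."""
    return pow(c, d, n)


def euler_identity_holds(p, q):
    """Check a^(tot(N)+1) = a mod N for every a, coprime to N or not."""
    n, tot = p * q, (p - 1) * (q - 1)
    return all(pow(a, tot + 1, n) == a for a in range(n))


def factor_semiprime(n):
    """Split n = p*q by trial division; return (p, q, divisions tried).

    Work grows with the smaller prime, which is why this is instant for
    the constructed toy moduli and useless at real key sizes.
    """
    tried, f = 0, 2
    while f * f <= n:
        tried += 1
        if n % f == 0:
            return f, n // f, tried
        f += 1 if f == 2 else 2
    raise ValueError("n has no nontrivial factor")


def recover_d(n, e=E):
    """Once P and Q are known, D follows from E by one modular inverse."""
    p, q, _ = factor_semiprime(n)
    return pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    n, e, d = make_key(11, 17)          # constructed toy primes
    c = encrypt(42, n)
    print(f"N={n} E={e} D={d}  42 -> {c} -> {decrypt(c, n, d)}")
    print("identity holds for all a:", euler_identity_holds(11, 17))
    try:
        make_key(7, 11)                 # 7-1 is divisible by 3
    except ValueError as err:
        print("rejected:", err)
    for p, q in ((11, 17), (257, 65537)):
        n, _, d = make_key(p, q)
        _, _, tried = factor_semiprime(n)
        print(f"N={n}: D={recover_d(n)} recovered after {tried} divisions")
```
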
If security is the only thing you've been missing from Mozilla, I'm glad for you. Java is STILL missing from it, though it's being worked on. For folks like me who use java applets all over the place, this is a show stopper. I've used PSM, and it's been fine where it's accepted. I'd be more interested if there was a declaration that the mail client would get gpg - then it would come close to matching an ie/outlook combo. Till then.... (sigh).
Finally, a Mozilla discussion so I can gripe about memory usage. For the record, I've never had a single complaint about Mozilla, etc. Here is my first.
Running gtop reports a memory footprint of Mozilla (build 2000080712) of 169708k. I'm assuming this is counting resident, shared, and virtual. However, I can run VMWare running Win98 running IE5.5 and use only 120768k. What's up with that?
What is Mozilla doing that it needs more memory than an OS, an OS virtualizer, and a browser?
-tim
It's great to see that the open source browsers can finally be used for "secure" use over the internet, but at the same time I'm wondering why they're using the now-public RSA encryption algorithm.
I'm not an encryption expert, but surely it seems to me that any algorithm that has been released by a company into the public domain cannot be particularly secure, and indeed the RSA has been cracked already. RSA have obviously got something better up their sleeves, and why should open source products always lag behind their closed source counterparts when it comes to innovation?
What we really need is to develop new encryption algorithms for our products rather than relying on the left-overs from commercial products.
Nope, you're wrong. OpenSSH and Gnupg are open source and no one has managed to crack them. The reason is not that it isn't possible, but because both algorithms use keys significantly large to necessitate a fleet of machines years of churning to break the encryption.
If you have the time, try cracking an encryption book, it's pretty cool stuff.
It probably has something to do with needing to speak https.
--
I'm not trying to be snide or anything but I think that is a problem particular to your machine. I've been running the nightly builds as well as the "stable" releases for several months now. Debugging code or not, Mozilla is as fast on my machine (PII 366mhz Thinkpad 770Z) as any other similarly capable browser I've tried, including IE 5 and Netscape 4.7, and generally pretty stable. While I don't doubt it may be running slow on your machine, don't be so sure it is the debugging code.
Personally the only real problems I have (besides some already documented bugs) are that it doesn't work with Acrobat reader properly and that sites that do secure banking refuse the connection. (and yes I have the SSL stuff installed) Other than that I use it for 90% of the web browsing I do and it generally works pretty well and is really quite fast. My experiences with it lead me to believe that people complaining about the slowness of it either have some compatibility issues unresolved or are using a very old build. (it was slow for me too at first) While it certainly isn't production code yet, it's getting close and getting there pretty quickly.
.. you just haven't been able to use it without royalties because of a patent.
That patent is now expiring, without the possibility of a renewal, so RSA released the patent 2 weeks before the expiry. They wouldn't have made much money from it in such a short time, and so it was a PR stunt.
They have kept it for 20 years(?) or so, and it is one of the most widely used algorithms for public key encryption.
It is still quite good, and an algorithm being old does not necessarily equal bad quality. Some of the most regularly used algorithms were developed in the 60-70's.
The RSA-patent also has nothing to do with opensource.
2^63, I think -- you've got an off-by-one error.
-- the most controversial site on the Web
Mozilla doesn't support java, nor does it support the Java 1.3 plugin. I find this considerably lacking. Mozilla should eventually come with a web configurator of sorts that would allow people to configure the browser before they download it. As in, I want flash, java, and shockwave. I check them, and I download the browser with these things installed (be they plug-ins or otherwise) I doubt the plugin manufacturers would have much problem with this (unless they were Microsoft), and it could usher in a new wave of recent-java browsers.
I've been using CSS2 constructs on my pages for ages now, and testing them in Mozilla. Granted, there are some things I can't do thanks to IE's broken (and much more incomplete) CSS2 support, but in particular I've found :before and :after to be quite safe.
DNA just wants to be free...
That has already been done, and it's called serpent. You can find more information about it here.
Here's my DeCSS mirror, where's yours?
I still can't stand how slow Mozilla runs on my dual-500!
Think it's about time they released a version with all that debugging code ripped out. The slow UI is a big turnoff.
-Pete
Soccer Goal Plans
Compare this to a few months ago (Every 5 minutes) and it is a vast improvement. I have downloaded other netscape releases less stable than this. If you can't live with restarting your web browser several times a day now though, wait a few months before trying mozilla out.
There have been some significant bug fixes recently. The find on page feature now works when the page has frames, meaning I can now use mozilla to browse the javadocs. Also textareas have gotten a lot more useable and stable recently.
Most of the bugs that I am finding in the nightly builds are now regressions that are usually fixed within a day, so if something major isn't working in the build you download, try again in a couple days.