I am not referring to skepticism, nor am I discouraging people to find his paper and really give it the go-over it deserves. That's how all of the other cryptosystems you point out were broken.
What I am complaining about is all the posts which say, "I read in a book that you can't prove a cryptosystem secure!" or "It's the same as a one-time pad!" or "His key assumption is wrong!" or whatever else. My point is that while his proof may have an error, or there may be subtle issues about him proving the wrong thing, the NYT article does NOT give anyone here enough information to start tearing his work apart. Cast doubt? Perhaps. But an outright claim that he is wrong, or that he is repeating work that's already done (based on the superficial Science Page treatment in the article)... ridiculous. Offensive, even.
Rabin's claim is not unsupported, as far as we know. He says he has a proof, and others seem to agree...
As I understand it, the way you agree on where to start sampling can be much more complicated than you seem to imply. I can ask to start at a particular time, or as soon as a particular sequence of numbers show up, and then I can skip numbers based on any sort of algorithm I choose.
As for doing trial decryptions: This is a totally bogus argument. If the key stream is really random, then all possible decryptions are equally likely (assuming a typical XOR-like encryption). How will you know if you've got the right message?
Maybe we should wait to see a real, technical discussion of this before we discard it? Rabin is a pretty big name in cryptography.
I think he has probably proved that it is secure under some more useful assumptions. But, since the NYT has not really explained what kind of metatheory he used to prove it correct, we can hardly say here, right?
"There is also no such thing as a provable secure Cipher."
Why? Can you give me a proof? Under some (reasonable, I argue) assumptions, you can certainly prove that a cryptosystem or protocol meets certain properties that you deem (reasonably, I argue) sufficient for security.
Rabin is not just some crazy guy popping out of the woodwork. You probably use his algorithms if you use PGP or GPG or anything else which needs to generate large primes...
Man, you guys think you're so smart because you read Applied Cryptography and some recreational mathematics books in high school.
Rabin is a bigshot in number theory, being the Rabin part of the very popular Rabin-Miller algorithm for probabilistic primality testing. Your favorite cryptography program almost certainly has an implementation of this in it.
If he says he has a proof, for god's sake, he has one! There's no way the NYT is going to publish enough information for you to seriously dissect his work. In fact, there's hardly enough information there to even get a start at reconstructing his results. Give the dude a break!
Fonts at small sizes often look better in their raw bitmap (or truetype hinted) form; anti-aliasing makes things look blurry. I'm no big font expert on linux, but is it possible to use anti-aliasing for only large fonts (say, 14pt+) and really tiny fonts as Windows does?
Maybe you could use this to tunnel IP over USENET porn?
A LOT of quake is already on I2 (on "Quake on IPv6", Score: 3)
Lots of internet Quake is played at universities, and traffic between Internet2 schools already passes over I2 backbones instead of the "regular" internet. For instance, anybody with a hookup to the Abilene backbone will get great pings to my Q3F server. Unfortunately, your bedroom is probably not considered an academic institution, so you might have a tough time convincing the I2 people to connect you in, IPv6 or not!
You're crazy, dude. I agree that Java isn't the most well-designed language (there exist a number of better choices). Yet, I challenge you to show me a plausible piece of java code (not something that shells to the system) in a network application setting which allows a mischievous remote user to execute code on the host.
There are plenty of examples of plausible C code which exhibit this behavior. (cf BIND)
Just using a safe language isn't enough, but it sure is a start!
I've been a member of the ACLU for a long time. They do send me Action Alerts and stuff in the mail, sometimes asking me to help with local projects. I don't mind getting that, but I bet they'd stop if I asked them to.
I don't worry about the privacy of my information with them, but if you want to just support them, I'm sure they appreciate anonymous donations!
If you have local users, it's in your best interests to upgrade, since .21 reportedly has a buffer overflow. (See bugtraq) MySQL shouldn't be running as root, but the MySQL user often has access to non-public databases.
You guys all know about the mars orbiter which missed orbit because of a metric (non)conversion error? "Don't-go" fever prevented this thing from getting back on track.
They knew about this error before it was too late, and tried to get the operations people to do a burn to correct its course. However, the operations folks refused because they were worried that it would screw up their schedule (the orbiter was still barely within tolerances). So they went for it and missed.
There are plenty of things wrong with the way NASA does things...
I didn't say that it was entirely a language problem (no bug is), but the language is certainly a part of it. Bounds checking or smart dynamic allocation would have fixed this bug, and the programmer would have had to write less code.
Hey, I only suggest Java because it is similar enough to C to possibly make my dreams come true in the short term. I don't like it either. =)
You'll probably be interested to know that we DO have compilers which generate provably safe code. One piece of the puzzle is TAL: Type safe assembly language. Another is TILT: A type-preserving ML compiler. They've also got projects on compiling safe-c, proof carrying code for transmitting this stuff over the network (without sandboxing), etc. The technology is almost there.
And while I agree with you that the compiler is an important source of more bugs... wouldn't it be nice to plug up holes on the programmer end (since compiler bugs right now also introduce more non-safety) while we wait for this stuff?
(psst.. Wouldn't it be cool to write something illegal??)
Maybe you will like the very strange untitled.gif , part of the comic soviet of underground keenspot-rejects?
Sure,
Make it difficult/expensive to enforce, and support the EFF.
Start your own DeCSS port project today!
I'd trust Rabin before I trusted Schneier, actually. After all, Schneier writes about Rabin's algorithms in his book, not the other way around...
Can you prove that proving a cryptosystem unbreakable is impossible? I think it's pretty easy for something like the "one time pad", actually.
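The two points made in this thread about a truly random key stream (trial decryption cannot tell you which message is right, and the one-time pad is the easy case to prove unbreakable) worked through in code. This is an added example, not code from the thread; the ciphertext is a constructed two-byte sample chosen so that the exhaustive key enumeration is feasible:

```python
"""Added example: with a one-time pad every plaintext of the right
length is reachable from the same ciphertext, each by exactly one key,
so 'trying' candidate decryptions yields no information at all."""
from itertools import product

# constructed sample ciphertext (2 bytes so 256**2 keys can be enumerated)
CIPHERTEXT = bytes.fromhex("3a9c")


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def key_for(ciphertext: bytes, candidate_plaintext: bytes) -> bytes:
    """The unique pad that decrypts `ciphertext` to `candidate_plaintext`.
    It always exists, so any guess an attacker makes is 'confirmed'."""
    assert len(ciphertext) == len(candidate_plaintext)
    return xor_bytes(ciphertext, candidate_plaintext)


def plausible_keys(ciphertext: bytes, candidates: list) -> dict:
    """Trial decryption from the attacker's side: every English-looking
    candidate gets a valid key, so none is distinguished from the rest."""
    return {c: key_for(ciphertext, c) for c in candidates}


def decryption_counts(ciphertext: bytes) -> dict:
    """Enumerate every pad of the same length and count how many pads
    produce each plaintext. For a uniformly random pad each plaintext
    appears exactly once, which is the perfect-secrecy argument."""
    counts = {}
    for key in product(range(256), repeat=len(ciphertext)):
        pt = xor_bytes(ciphertext, bytes(key))
        counts[pt] = counts.get(pt, 0) + 1
    return counts


if __name__ == "__main__":
    for pt, k in plausible_keys(CIPHERTEXT, [b"hi", b"no", b"ok"]).items():
        print(pt, "<- key", k.hex())
```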
I feel compelled to post because my login name and initials are "twm".
http://www.attrition.org/~wrlwnd/crypto/steanography/jpeg-steg/
That would make a good name for it:
SAUREC
... sounds evil.
Too bad... they had a nice, uh, logo.
Maybe it'll also usher in a new "millenium" of spelling errors and powerpoint presentations!
But wait: it stands for eXtensible Markup Language. What does that make it now?
This scares me less than Microsoft driven voting systems.
I think you mean "quaternary"?
;)
What would be REALLY cool would be code for a protein which decompressed the rest of the stream....