I think I'm more qualified than most to answer this, since I in fact wrote my first published paper when I was in high school, and it was on cryptography. Most of cryptography is just maths, which is actually more accessible to beginners than other subjects since you don't special lab equipment. I'd say the best way to get into it is to think of a cryptographic problem you'd like to solve, and then just work on it. The problem that got me started was how to prove that you're a member of some group without revealing your identity. There are many different solutions, with different tradeoffs -- so even if a problem is supposedly solved there is often scope for new solutions.
For an idea of where cryptography research is going these days, she should read eprint.iacr.org. A lot of those papers are pretty technical and heavy going, but it will at least give some starting points.
The biggest problem I'd see is not finding a feasible problem, but finding a teacher capable of marking it. I know none of my high school teachers could have marked my cryptography research.
Yes, via spread betting sites. For example, IGIndex (www.igindex.co.uk) lets you bet on where average house prices will be up to 1 year in the future. This doesn't help Americans, because they're not allowed to bet online, and IGIndex only has betting on UK properties which is probably not what most Americans are interested in. But for us Brits, it's a good solution.
You're missing the point entirely. If it were just about key density you'd never get a ratio like they say: 2^15360/(ln 2^15360) > 2^15346, so no key density for 512 bit ECC will get you equivalent security.
The reason they come out the same is that you don't break either system by brute force. There are factoring techniques (ie, techniques for breaking RSA) that run in about exp(2 log(n)^(1/3) loglog(n)^(2/3)). For 15346 bit RSA, this works out to about 2^256 (that 2 was pretty rough, so this isn't too precise).
For ECC, the best methods we have take about n^(1/2), so 512 bit ECC is about as hard as 15346 bit RSA. Of course, people may discover a flash new method for breaking ECC (in fact, some people think they will soon), that would make 512 bit ECC barely any better than 512 bit RSA. But with today's methods the comparison is pretty accurate.
I know quantum encryption is supposed to be the next big thing in cryptography, and make up for all the damage that quantum computers are supposed to do, but I just don't see it. Who has fibre all the way from them to their friend?
And encrypting each hop from me to my friend seems to hardly help at all. Now instead of the evesdropper being able to put a probe on any of the wires, they have to break into one of the routers. But really, who ever heard of someone stealing credit card numbers by digging up cables and putting a probe on them?
And besides, this still doesn't solve the authentication issue. You still need to be confident that the person at the other end is who you think they are. And it seems that solving that is at least as hard as doing the encryption once you know who you're talking to. Specifically, it seems likely that quantum computers will break all our current authentication schemes, but we have no reason to believe that they will break our symmetric ciphers. So even for people with fibre all the way to their friend, a provably secure symmetric cipher replacement is not very useful just yet.
I recently did some tests (ABX) to determine which format could get by with fewer bits, and still have me not be able to tell the difference. My conclusion was that for a significant number of songs (about 20% of the ones I tested) I could easily distinguish 320kb/s lame from the original. That's not to say that I would have noticed it in normal listening, but when I listened carefully I could tell everytime. There were a few places where it sounded really tinny, and I believe that I would tell in normal listening.
With ogg I only found 2 songs where the same is true (and that's at the max ogg setting, which worked out considerably smaller 320kb/s), and even with them I struggled to tell the difference; I know I would never notice this in normal use.
This is running off my home PC (complete with noisy athlon fan), SBLive, and some pretty decent speakers, but no audiophile stuff. I now use ogg for all my music. I would use wav, except that xmms's playlists don't work properly with wavs, for some reason.
M: What are you searching for?
C: I don't know what I am searching for.
M: Then how do you expect to find anything?
C: Dr Richard S. Wallace programmed me to say specific things in specific contexts.
It's really only using 25M. Those four processes are all running in the same address space; that's how linux implements threads. Any time you see several processes with exactly the same memory information, chances are they are threads and therefore the memory should only be counted once.
It's really a situation like the MPAA with DVDs: they say its about piracy, but it's really about control. They are trying to push joint mp3/SDMI players, but which will stop playing mp3s at some point. It is fairly clear that they intend to do their best to prevent mp3s being used, and replace them with their own controlled technology.
1: The encryption works at a different level from the filesystem. If the filesystem gets corrupted, you can still decrypt the data, and you will be in the same position you would be if you didn't use encryption at all. Of course if you forget your password you'll never get the data back, but thats the point.
2: And the blocking overhead? All the algorithms in the patch have 64 or 128 bit block size. This is far less than the size of a disk block, so i wouldn't be worried.
3: There is no exponential operation. You are thinking of RSA, which is a public key algorithm. Public key algorithms have longer blocks and are slower than private key ones. They are necessary when you want anyone to be able to encrypt, but only you to be able to decrypt. Seeing you don't need this for disk encryption, private key algorithms are more appropriate.
4: There are many hardware solutions, but they are generally designed for network encryption. Presumably you could write drivers to get them to do the computation for the disk encryption. Anyway, the processing isn't the main thing killing performance: twofish runs in 17 cycles per byte. The performace killer is that it works through a loopback device, which makes readahead and caching less efficient (i think thats the problem, but i'm not entirely sure about this).
Well, that depends on what your computer speakers are. Its possible to get good speakers that can be plugged into a computer with an adapter, and its cheaper than buying a stereo just for the amp/speakers.
>now that licensing isn't one of them... Uh, last i saw PostgreSQL was under a BSD style license, while MySQL was under the GPL. CmdrTaco may not care about the difference, but i don't think it's fair to say that the licensing is the same.
Yes, the cyrix 733 holds its own against a celeron 500 in most tests. However, a cyrix 733 will cost a lot more than a celeron 500 (as a cyrix 533 costs about the same as a celeron 500).
Tom makes this clear in the conclusion: "To achieve the equivalent application level responsiveness of a meager 500MHz Celeron, the Cyrix III would have to aperate at around 733 MHz. At $75/chip for 1000 units of the 533 MHz Cyrix III, and with street prices expected to dip into the 60's, this microprocessor has only a razor thin price advantage over similarly clocked Celerons..."
So yes, if you get a comparatively faster cyrix, it will hold its own. I'm sure a fast enough celeron could beat a slow enough P3; that doesn't mean a celeron is as good as a P3.
The problem with secret sharing is that (at least in all the systems i've heard of) all the shares need to be created along with the secret. The thing that makes this system better is that only one of the shares can be traced back to you, so they would have to determine that that is the newest of the shares to be able to pin blame on you. With a secret sharing system you would have to generate all the shares, and if any of them is traced to you then you have lost your anonymity.
Yes, the same idea will work, but with *much* more computing. Against a reused OTP, you only have to compuare all pairs of messages, about n^2. If the person used 5 pads plus their own one, you have to do about n^6 combinations, which gets a lot harder. If the system took off even slightly and there were 5000 pads out there, this comes to about 2^64 combinations. While that is theoretically possible, anything much bigger won't be.
From my brief reading of the ruling, i got the impression that it wasn't so much a split as MS being forced to spin off everything but the OS division. So most previous transgressions can still be pinned on the OS company, it would seem.
3. Derived Works The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software.
I don't think that StarOffice satisfies this, which is why it's license is called a community source license, not an open source license. Source available does not equal open source.
Right, but according to RMS (I haven't read the model act myself, but I assume that he is right), disclaimers will only be effective for commercial software with 'shrinkwrap licenses' (RMS's words). Free software authors could be sued if their software destroyed a machine.
Slashdot Mirror
I think I'm more qualified than most to answer this, since I in fact wrote my first published paper when I was in high school, and it was on cryptography. Most of cryptography is just maths, which is actually more accessible to beginners than other subjects since you don't special lab equipment. I'd say the best way to get into it is to think of a cryptographic problem you'd like to solve, and then just work on it. The problem that got me started was how to prove that you're a member of some group without revealing your identity. There are many different solutions, with different tradeoffs -- so even if a problem is supposedly solved there is often scope for new solutions.
For an idea of where cryptography research is going these days, she should read eprint.iacr.org. A lot of those papers are pretty technical and heavy going, but it will at least give some starting points.
The biggest problem I'd see is not finding a feasible problem, but finding a teacher capable of marking it. I know none of my high school teachers could have marked my cryptography research.
Yes, via spread betting sites. For example, IGIndex (www.igindex.co.uk) lets you bet on where average house prices will be up to 1 year in the future. This doesn't help Americans, because they're not allowed to bet online, and IGIndex only has betting on UK properties which is probably not what most Americans are interested in. But for us Brits, it's a good solution.
You're missing the point entirely. If it were just about key density you'd never get a ratio like they say: 2^15360/(ln 2^15360) > 2^15346, so no key density for 512 bit ECC will get you equivalent security.
The reason they come out the same is that you don't break either system by brute force. There are factoring techniques (ie, techniques for breaking RSA) that run in about
exp(2 log(n)^(1/3) loglog(n)^(2/3)).
For 15346 bit RSA, this works out to about 2^256 (that 2 was pretty rough, so this isn't too precise).
For ECC, the best methods we have take about n^(1/2), so 512 bit ECC is about as hard as 15346 bit RSA. Of course, people may discover a flash new method for breaking ECC (in fact, some people think they will soon), that would make 512 bit ECC barely any better than 512 bit RSA. But with today's methods the comparison is pretty accurate.
I know quantum encryption is supposed to be the next big thing in cryptography, and make up for all the damage that quantum computers are supposed to do, but I just don't see it. Who has fibre all the way from them to their friend?
And encrypting each hop from me to my friend seems to hardly help at all. Now instead of the evesdropper being able to put a probe on any of the wires, they have to break into one of the routers. But really, who ever heard of someone stealing credit card numbers by digging up cables and putting a probe on them?
And besides, this still doesn't solve the authentication issue. You still need to be confident that the person at the other end is who you think they are. And it seems that solving that is at least as hard as doing the encryption once you know who you're talking to. Specifically, it seems likely that quantum computers will break all our current authentication schemes, but we have no reason to believe that they will break our symmetric ciphers. So even for people with fibre all the way to their friend, a provably secure symmetric cipher replacement is not very useful just yet.
Of course not! PNG is lossless, the two images will be exactly the same, not just indistinguishable to you.
I recently did some tests (ABX) to determine which format could get by with fewer bits, and still have me not be able to tell the difference. My conclusion was that for a significant number of songs (about 20% of the ones I tested) I could easily distinguish 320kb/s lame from the original. That's not to say that I would have noticed it in normal listening, but when I listened carefully I could tell everytime. There were a few places where it sounded really tinny, and I believe that I would tell in normal listening.
With ogg I only found 2 songs where the same is true (and that's at the max ogg setting, which worked out considerably smaller 320kb/s), and even with them I struggled to tell the difference; I know I would never notice this in normal use.
This is running off my home PC (complete with noisy athlon fan), SBLive, and some pretty decent speakers, but no audiophile stuff. I now use ogg for all my music. I would use wav, except that xmms's playlists don't work properly with wavs, for some reason.
M: What are you searching for?
C: I don't know what I am searching for.
M: Then how do you expect to find anything?
C: Dr Richard S. Wallace programmed me to say specific things in specific contexts.
Well, there goes any claim to being a human...
It's really only using 25M. Those four processes are all running in the same address space; that's how linux implements threads. Any time you see several processes with exactly the same memory information, chances are they are threads and therefore the memory should only be counted once.
It's really a situation like the MPAA with DVDs: they say its about piracy, but it's really about control. They are trying to push joint mp3/SDMI players, but which will stop playing mp3s at some point. It is fairly clear that they intend to do their best to prevent mp3s being used, and replace them with their own controlled technology.
A few objections:
1: The encryption works at a different level from the filesystem. If the filesystem gets corrupted, you can still decrypt the data, and you will be in the same position you would be if you didn't use encryption at all. Of course if you forget your password you'll never get the data back, but thats the point.
2: And the blocking overhead? All the algorithms in the patch have 64 or 128 bit block size. This is far less than the size of a disk block, so i wouldn't be worried.
3: There is no exponential operation. You are thinking of RSA, which is a public key algorithm. Public key algorithms have longer blocks and are slower than private key ones. They are necessary when you want anyone to be able to encrypt, but only you to be able to decrypt. Seeing you don't need this for disk encryption, private key algorithms are more appropriate.
4: There are many hardware solutions, but they are generally designed for network encryption. Presumably you could write drivers to get them to do the computation for the disk encryption. Anyway, the processing isn't the main thing killing performance: twofish runs in 17 cycles per byte. The performace killer is that it works through a loopback device, which makes readahead and caching less efficient (i think thats the problem, but i'm not entirely sure about this).
Well, that depends on what your computer speakers are. Its possible to get good speakers that can be plugged into a computer with an adapter, and its cheaper than buying a stereo just for the amp/speakers.
>now that licensing isn't one of them... Uh, last i saw PostgreSQL was under a BSD style license, while MySQL was under the GPL. CmdrTaco may not care about the difference, but i don't think it's fair to say that the licensing is the same.
Yes, the cyrix 733 holds its own against a celeron 500 in most tests. However, a cyrix 733 will cost a lot more than a celeron 500 (as a cyrix 533 costs about the same as a celeron 500).
Tom makes this clear in the conclusion:
"To achieve the equivalent application level responsiveness of a meager 500MHz Celeron, the Cyrix III would have to aperate at around 733 MHz. At $75/chip for 1000 units of the 533 MHz Cyrix III, and with street prices expected to dip into the 60's, this microprocessor has only a razor thin price advantage over similarly clocked Celerons..."
So yes, if you get a comparatively faster cyrix, it will hold its own. I'm sure a fast enough celeron could beat a slow enough P3; that doesn't mean a celeron is as good as a P3.
The problem with secret sharing is that (at least in all the systems i've heard of) all the shares need to be created along with the secret. The thing that makes this system better is that only one of the shares can be traced back to you, so they would have to determine that that is the newest of the shares to be able to pin blame on you. With a secret sharing system you would have to generate all the shares, and if any of them is traced to you then you have lost your anonymity.
Yes, the same idea will work, but with *much* more computing. Against a reused OTP, you only have to compuare all pairs of messages, about n^2. If the person used 5 pads plus their own one, you have to do about n^6 combinations, which gets a lot harder. If the system took off even slightly and there were 5000 pads out there, this comes to about 2^64 combinations. While that is theoretically possible, anything much bigger won't be.
From my brief reading of the ruling, i got the impression that it wasn't so much a split as MS being forced to spin off everything but the OS division. So most previous transgressions can still be pinned on the OS company, it would seem.
From the Open Source Definition:
3. Derived Works
The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software.
I don't think that StarOffice satisfies this, which is why it's license is called a community source license, not an open source license. Source available does not equal open source.
Read this for more.