The major problem with the Child Porn meme (I supposed you'd call it a memetic disorder) is that people are so terrified of saying anything against the negativity surrounding it because of fear of being branded a pedophile.
Thanx for this post. I thought for quite a while before posting, a got my gf to read it and edit it, and still felt I had to put a shitload of disclaimers in it, before I was brave enough to post it non-anonymously.
Whilst I agree with most of your points, the point I will concede to anti-kiddie-porn censors is that to *some* degree, having available depictions of child porn scenes (with adults or anime or whatever) legitimizes in some ways that this is acceptable entertainment, or that the idea of having watching sex with children is entertaining/erotic etc. I am still unsure just exactly how I feel about this, or where you draw the line, but it is difficult.
This could provoke a shitstorm, but it has to be said:
Can we have an informed discussion about the evils (or otherwise as some may argue) of child porn without access to it?
First, to cover some objections:
1. Child porn (that we all can agree is porn, ie non consenting sex with children) continues to violate the victim.
In this case, I agree. However, it may be the case that some victims of this may (for the best of reasons) wish to have this available, perhaps for research, or to prove that it did in fact take place.
2. That it legitimizes or furthers the child porn industry
If the materials were being solicited or purchased then this is almost certainly true, however, apparently the material exists, and some people must therefore have access to them (police for instance).
But, there may well be *legitimate* reasons to wish to access 'child porn'.
The first is that it may well *not* be child porn and is being misrepresented. I know that a police investigator in Australia said that a lot of the stuff they find in pederasts houses is children's clothes catalogues and the like.
The second, related in some instances to the first is for the purposes of research, journalism, discussion and counseling.
Please Note:
I am not apologising for pederasts, paedophiles or child pornographers, I find the idea abhorrent and am glad that our society shares this view. I do not advocate sex with children or support anyone who does. I do not, and never have possessed any material remotely likely to be classified as 'child porn'.
My identity is well known (and easily discoverable), and I am posting this non-anonymously to make the point that you don't have to be some sleazoid hidden away on the net to have an interest in the *topic* of child porn and all that that entails.. I wish to make the point that censorship is censorship, and a lot of the apologists for censorship use porn, and particularly kiddie porn as the excuse to clamp down on freedom. Child porn existed before the net the material was shared thru various networks. Clamping down on discussion of this problem will not make it go away, and in fact will probably make the situation worse.
The point is that people engaging in the sex, soliciting it, purchasing it, or profiting from its exploitation are the criminals.
If someone has a site dedicated to the legitimate discussion of this issue, it may well have disturbing images to get its point across, or to facilitate proper discussion of the issue. I do not believe that this, is in the absence of the above criteria, makes the site or those pictures in that context, or links to the site, illegal or immoral.
there are many advantages to keeping the watermark recognition software under lock and key, to be used only as part of a systematic process of scouring the net for copyright violations.
Sorry to do this to the paranoids out there, but do we have any proof that this is not already happening?
In the absence of a pristine file to check against, new music fresh from the studio and the record company may already be watermarked. There is nothing to lose by doing this for the record companies (or the artist), and perhaps much to gain at a later date.
For older music, this is not an option, as we can check against the originals (but then again, a lot of stuff comes out 're-mastered' from time to time), but there are few, if any, people who could detect such a watermark in new, previously unheard material.
BTW it keeps coming up in this thread, but you cannot defeat many audio watermarks by overlaying a new watermark.
Is this true? In my digimarc trick, I defeated the original watermark with whatever means, then created a new file with a new watermark, on the strongest (most damaging) setting. I then overlayed this file over the original (watermarked) file, and played with the opacity until I had a file that was pretty bloody similar (down to individual pixels a lot of the time), but did not contain a recognizable watermark.
From this file, I could then re-watermark it with my new watermark. The original watermark was gone, the file was nearly identical and contained my new watermark, at considerable less signal strength than originally needed to defeat the watermark.
I am assuming that this technique would work more or less the same with audio files.
I have previously hacked Digimarc watermarks in Photoshop, using only Photoshop and Digimarc. Does this make Photoshop and Digimarc illegal circumvention devices under the DCMA?
The technique was basically to defeat the watermark (using noise or blur or whatever), and overlay a new one on it using the digimarc software. I am willing to bet that basically the same technique would work with sound files, as many of the principles are the same.
If I have access to the SDMI watermarking software (as I am sure to have sooner or later if the clueless fools go ahead with any of this nonsense) then I will be able to replace their watermarks with one of my own. This is pretty funny, not only will I have 'cracked' SDMI, but actually subverted it to my own purposes.
Everybody knows that watermarking will never work, why are they persisting with this madness?
I wish they would get a clue, and offer me something that I want, like good quality songs from complete catalogues available from reliable servers. In which case, I will gladly pay a reasonable tarriff for access to them.
i began programming in 8th grade, but there was no chance in hell i could have afforded to buy a copy of VB at the time....and if i hadn't gotten a pirated copy back then, i wouldn't be nearly as good of a programmer as i am now...
ie, that software piracy helped grow the market, people learn on cracked warez, and when they grow up, buy the real versions, or are employed by people that already have.
Basically, this is so entrenched now that a lot of major companies let you have the stuff for free, either as a demo, or on a non-commercial licence.
There is plenty of evidence that napster et al, like radio, helps grow the market. The RIAA are trying to increase the production of eggs by cutting the heads off the chickens [or insert your own dodgy metaphor here].
The sustainable model for them is to charge a monthly fee (or maybe a fee per gig of download) for access to their databases, and let anyone have whatever they want, whenever they want it. This is the only way to compete with napster.
The probs with napster are uncertainty if your download will finish, dodgy quality or incomplete files, and non-availability of more obscure stuff.
The record companies are able to fix all of that, if they would only grab a clue. The fixes have value over and above what napster provides, so they can charge a reasonable fee for them.
Linux could survive quite easily with at least 3 forks. It is arguable that it has two at the moment with the 8086 versions.
I see mebbe Embedded Linux, 'Official' (Linus) Linux, and Big Iron Linux as 3 forks that could happily live with each other, sharing code wherever possible or neccessary.
I mean, its not like the code is going away... this is Free Software we are talking about here.
His point was that with QC the time taken is close to linear, and not exponential, wih regards to the keylength.
This changes a lot of things. Even with 2048 bit key, assuming a QC is practical, it could mean the end of cryptography as we know it, but this is not something that I really know a lot about, but am very interested in.
In actual fact, your post is very relevant, as I soon realised.
Most crypto systems these days rely on public key encryption to pass the 'session keys', random numbers used as keys by a symmetric algorithm to encrypt the plaintext.
So, assuming you can use a QC to crack/factor the public key, then the strength of the underlying symmetric key, or its keylength is rather moot.
I read an article on reversible computing once (perhaps in byte or wired). I seem to remember that in practice, reversible computing does have an energy requirement, as the processes and materials are never perfect.
Is factoring numbers that useful for symmetric key encryption? I thought that this was mostly useful for breaking RSA and related public key encryption systems.
This is a good point. NSA paranoia is all good and proper, but moderated with some common sense, please.
I seriously doubt the security establishment would allow the finalist to have a weakness that they discovered in what is really quite a short amount of time. If they disovered it, then so could someone else. The 'national security' danger is actually much higher with a compromised AES candidate, than with one that the NSA can break. [insert rant on infrastructural warfare]
Strong crypto is here to stay, and I think finally the NSA realises this. The US and others are all better off with strong crypto than without it.
As others have pointed out at other times, most crypto schemes fail due to weaknesses in implementation or human protocol reasons, not due to weaknesses in the underlying cypher, so there is still plenty of latitude for the NSA. Have you tempest hardened your PC lately? Checked your keyboard for surreptitious key-logging gear? Installed 24/7 armed security guards in the server room?
Ok, NO brute force attack will crack a 256 bit key.
I resort once again to quoting Schneier, Applied Cryptography, Second Edition, pp157, 158: (slightly edited)
"One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information. ... an ideal computer running at 3.2deg Kelvin [temperature of the cosmic background radiation of the universe] would consume 4.4*10^-16 ergs every time it set or cleared a bit.
If we built a Dyson sphere around the sun and captured all of its energy for 32 years, without any loss, we could power a computer to count up to 2^192.
These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than mattter and occupy something other than space."
Of course, perhaps Quantum computing may change some or all of this, but I am not qualified to comment on that.
Date sent: Mon, 2 Oct 2000 12:36:00 -0400 (AST)
From: Ian Grigg
To: cryptix-users@cryptix.org
Subject: Rijndael is GREEN
Copies to: coderpunks@toad.com, cryptography@c2.net, cypherpynks@cyberpass.net,
dbs@philodox.com, iang@systemics.com
Send reply to: iang@systemics.com
For Release 11.00 EDT Monday 2nd October 2000
Rijndael is GREEN
NIST chooses Rijndael as the Advanced Encryption Standard
Announced today in Washington, DC, the National Institute of
Standards and Technology (NIST) has chosen Rijndael as the
Advanced Encryption Algorithm for the 21st century.
Rijndael -- pronounced Rhine-Dahl -- is the creation of two
Belgian cryptographers, Joan Daemen and Vincent Rijmen.
The Cryptix Development Team congratulates Vincent and Joan on
their extraordinary achievement and announces the immediate
release of the Cryptix JCE and Cryptix 3.2, both enabled with
AES as Rijndael.
International Cryptoplumbing
An international team of open source crypto volunteers from
The Cryptix Development Team supported the cryptographers
participating in the NIST contest, efforts that were recognised
with the award of a Certificate Of Appreciation from the United
States Department Of Commerce.
Raif S. Naffah, from Australia, led the Cryptix AES Support
Project which provided the Java code and tools for most
finalists, including Rijndael, for submission to NIST.
Paulo Barreto, Brazilian mathematician and programmer, provided
coding support for optimising Rijndael implementations; he has
been coding and reviewing algorithms for the Belgian team for
many years, including the predecessor to Rijndael, the Square
cipher.
Free Crypto
Under the terms of the NIST contest, Rijndael is free and
unencumbered for all purposes and all peoples. Cryptix
developers have agreed to match this condition, and hereby
place their Rijndael code in the public domain.
Normally, all Cryptix code is free for all purposes, but requires
acknowledgement of The Cryptix Foundation as owners under an
extremely liberal "BSD licence." Even this condition is now
dropped for the Rijndael code, so that all commercial providers
of Java cryptography, including Sun, Baltimore, RSA Labs, and
IAIK, may quickly offer their customers the best code.
No Arms Race Need Apply
Cryptography has long been treated as a munition by the US
government. Today's decision marks the end of an era stretching
back to the days of Enigma and Magic intercepts. The new
algorithm and the accompanying code base is absolutely unimpaired
by political or commercial limitations.
As a science, cryptography is the special domain of
mathematicians; formulas flow across borders as fast as emails.
As an idea, the Rijndael cipher can be written out in 10 or so
pages of paper, making it impermeable to regulations.
Fuel For The Revolution
As a tool, code for the new AES algorithm is less than 10,000
bytes, and thus cryptography slips into the average application
with less implication on costs than the price of a new PC. As a
building block, AES will help to fuel the new industrial
revolution in electronic commerce. Ciphers such as Rijndael will
keep valuable messages secure in the wild west of the Internet
far better than the old methods of obscurity and regulation.
Released by The Cryptix Foundation Limited, a Nevis corporation
dedicated to the spread of strong crypto.
Links:
NIST announces the winner of AES as Rijndael:
http://www.nist.gov/aes/
The Rijndael page of the Cryptography team, Joan Daemen and
Vincent Rijmen:
http://www.esat.kuleuven.ac.be/~rijmen/rijndael/
Cryptix places Rijndael code in public domain:
http://www.cryptix.org/aes/
Cryptix products JCE and Cryptix 3 now released with Rijndael
as AES:
http://www.cryptix.org/news/02102000.html
http://www.cryptix.org/products/jce/index.html
http://www.cryptix.org/products/cryptix31/index. html
http://www.cryptix.org/products/aes/index.html
About The Rijndael Team
Dr Joan Daemen is currently employed by Proton World
International. Dr Vincent Rijmen is a cryptography researcher
with Katholieke Universiteit Leuven in Belgium.
About Cryptix
Java cryptography was first provided under the label of Cryptix
in 1996. The Cryptix Development Team now includes crypto-
plumbers -- programmers who work with the algorithms and ciphers
of cryptographers to produce code and applications -- from 8
countries and publishes the most popular Java cryptography suite.
Cryptix products are generally published under the BSD licence,
making them free for all purposes when used with due
acknowledgement as to source. The Cryptix implementations of
Rijndael, written as part of our AES support project, are now
placed in the public domain so that all commercial suppliers
can proceed to support the AES without having to give any
acknowledgement.
About National Institute of Standards and Technology
The National Institute of Standards and Technology (NIST), an
agency of the U.S. Department Of Commerce, is charged by the US
Congress with developing standards for industry. Many of its
standards achieve world-wide acceptance, and the predecessor DES
has been accepted as the de facto standard for encryption for
three decades, albeit with much controversy.
About the Advanced Encryption Standard
In order to allay concerns of interference, NIST sponsored the
open competition for the new algorithm, encouraging entries from
around the world. Some 21 submissions were narrowed down to five
finalists.
NIST encouraged competing cryptographers and the NSA (the world's
largest employer of cryptographers and mathematicians) to
critique the algorithms, building up a body of review that led
to today's choice of the new standard.
And RSA's patent is just about to expire (or has done already? a few more hours).
No real crack after 17 or more years... not too shabby.
If SDMI *really* want to, they could achieve this level of uncrackability, but will inevitably need to go to Trusted Client (watch this space, its coming...).
In the end, the simplest thing may be to re-record it with a good mic and good speakers and re-compress to MP3... this will always be an option.
As for watermarking, there may be some tech that can withstand the re-recording process, but I once managed to break digimark pretty easily, using digimark itself, so I don't hold out much hope for watermarks to be a long term solution for anything much except one off scare prosecutions of some sucker who was stupid enough to get in the firing line.
It is actually theft. Even tho the stuff is seemingly streaming out for free, as soon as you put the coil in (or dish, or antenna or whatever) and connect it to something that draws current (TV, hairdryer) you are loading the system and drawing from it. The grid 'feels' it, as it is now being tapped for energy.
It seems as tho it is excess energy radiating out for free, but as soon as you try to use it to do anything, it places a load on the system.
what the napsters and others do is change the rules (but really, they are just the end result of various technological processes and progresses), so it will be interesting to watch what happens.
The napsters and the Free Software movement are interesting developments, and point the way forward to a more enlightened use and control of information.
I mean, this is interesting, you can argue that Michael Jordan is only so rich due to copyright law. If anyone could broadcast a basketball game, how much would he be worth?
The motto of the Rothschild family is (I'm told) "Knowledge is power, and prior knowledge is profit"
Control of information is really the basis of capitalism, and most of the inequalities and general economic nastinesses of this world can be traced back to this.
Slashdot Mirror
Thanx for this post. I thought for quite a while before posting, a got my gf to read it and edit it, and still felt I had to put a shitload of disclaimers in it, before I was brave enough to post it non-anonymously.
Whilst I agree with most of your points, the point I will concede to anti-kiddie-porn censors is that to *some* degree, having available depictions of child porn scenes (with adults or anime or whatever) legitimizes in some ways that this is acceptable entertainment, or that the idea of having watching sex with children is entertaining/erotic etc. I am still unsure just exactly how I feel about this, or where you draw the line, but it is difficult.
This could provoke a shitstorm, but it has to be said:
Can we have an informed discussion about the evils (or otherwise as some may argue) of child porn without access to it?
First, to cover some objections:
1. Child porn (that we all can agree is porn, ie non consenting sex with children) continues to violate the victim.
In this case, I agree. However, it may be the case that some victims of this may (for the best of reasons) wish to have this available, perhaps for research, or to prove that it did in fact take place.
2. That it legitimizes or furthers the child porn industry
If the materials were being solicited or purchased then this is almost certainly true, however, apparently the material exists, and some people must therefore have access to them (police for instance).
But, there may well be *legitimate* reasons to wish to access 'child porn'.
The first is that it may well *not* be child porn and is being misrepresented. I know that a police investigator in Australia said that a lot of the stuff they find in pederasts houses is children's clothes catalogues and the like.
The second, related in some instances to the first is for the purposes of research, journalism, discussion and counseling.
Please Note:
I am not apologising for pederasts, paedophiles or child pornographers, I find the idea abhorrent and am glad that our society shares this view. I do not advocate sex with children or support anyone who does. I do not, and never have possessed any material remotely likely to be classified as 'child porn'.
My identity is well known (and easily discoverable), and I am posting this non-anonymously to make the point that you don't have to be some sleazoid hidden away on the net to have an interest in the *topic* of child porn and all that that entails.. I wish to make the point that censorship is censorship, and a lot of the apologists for censorship use porn, and particularly kiddie porn as the excuse to clamp down on freedom. Child porn existed before the net the material was shared thru various networks. Clamping down on discussion of this problem will not make it go away, and in fact will probably make the situation worse.
The point is that people engaging in the sex, soliciting it, purchasing it, or profiting from its exploitation are the criminals.
If someone has a site dedicated to the legitimate discussion of this issue, it may well have disturbing images to get its point across, or to facilitate proper discussion of the issue. I do not believe that this, is in the absence of the above criteria, makes the site or those pictures in that context, or links to the site, illegal or immoral.
Sorry to do this to the paranoids out there, but do we have any proof that this is not already happening?
In the absence of a pristine file to check against, new music fresh from the studio and the record company may already be watermarked. There is nothing to lose by doing this for the record companies (or the artist), and perhaps much to gain at a later date.
For older music, this is not an option, as we can check against the originals (but then again, a lot of stuff comes out 're-mastered' from time to time), but there are few, if any, people who could detect such a watermark in new, previously unheard material.
Is this true? In my digimarc trick, I defeated the original watermark with whatever means, then created a new file with a new watermark, on the strongest (most damaging) setting. I then overlayed this file over the original (watermarked) file, and played with the opacity until I had a file that was pretty bloody similar (down to individual pixels a lot of the time), but did not contain a recognizable watermark.
From this file, I could then re-watermark it with my new watermark. The original watermark was gone, the file was nearly identical and contained my new watermark, at considerable less signal strength than originally needed to defeat the watermark.
I am assuming that this technique would work more or less the same with audio files.
The technique was basically to defeat the watermark (using noise or blur or whatever), and overlay a new one on it using the digimarc software. I am willing to bet that basically the same technique would work with sound files, as many of the principles are the same.
If I have access to the SDMI watermarking software (as I am sure to have sooner or later if the clueless fools go ahead with any of this nonsense) then I will be able to replace their watermarks with one of my own. This is pretty funny, not only will I have 'cracked' SDMI, but actually subverted it to my own purposes.
Everybody knows that watermarking will never work, why are they persisting with this madness?
I wish they would get a clue, and offer me something that I want, like good quality songs from complete catalogues available from reliable servers. In which case, I will gladly pay a reasonable tarriff for access to them.
ie, that software piracy helped grow the market, people learn on cracked warez, and when they grow up, buy the real versions, or are employed by people that already have.
Basically, this is so entrenched now that a lot of major companies let you have the stuff for free, either as a demo, or on a non-commercial licence.
There is plenty of evidence that napster et al, like radio, helps grow the market. The RIAA are trying to increase the production of eggs by cutting the heads off the chickens [or insert your own dodgy metaphor here].
The sustainable model for them is to charge a monthly fee (or maybe a fee per gig of download) for access to their databases, and let anyone have whatever they want, whenever they want it. This is the only way to compete with napster.
The probs with napster are uncertainty if your download will finish, dodgy quality or incomplete files, and non-availability of more obscure stuff.
The record companies are able to fix all of that, if they would only grab a clue. The fixes have value over and above what napster provides, so they can charge a reasonable fee for them.
Linux could survive quite easily with at least 3 forks. It is arguable that it has two at the moment with the 8086 versions.
I see mebbe Embedded Linux, 'Official' (Linus) Linux, and Big Iron Linux as 3 forks that could happily live with each other, sharing code wherever possible or neccessary.
I mean, its not like the code is going away ... this is Free Software we are talking about here.
Is there a project anywhere?
PATENT IT!
"Everything is permissible" ???
You are not one of those trendy satanists are you? Or do you really believe all of this? Or have I been suckered by a choice troll?
Please let it be the latter ... and we can both have a laugh.
This changes a lot of things. Even with 2048 bit key, assuming a QC is practical, it could mean the end of cryptography as we know it, but this is not something that I really know a lot about, but am very interested in.
Most crypto systems these days rely on public key encryption to pass the 'session keys', random numbers used as keys by a symmetric algorithm to encrypt the plaintext.
So, assuming you can use a QC to crack/factor the public key, then the strength of the underlying symmetric key, or its keylength is rather moot.
I read an article on reversible computing once (perhaps in byte or wired). I seem to remember that in practice, reversible computing does have an energy requirement, as the processes and materials are never perfect.
"Rubber Hose Cryptanalysis"
I seriously doubt the security establishment would allow the finalist to have a weakness that they discovered in what is really quite a short amount of time. If they disovered it, then so could someone else. The 'national security' danger is actually much higher with a compromised AES candidate, than with one that the NSA can break. [insert rant on infrastructural warfare]
Strong crypto is here to stay, and I think finally the NSA realises this. The US and others are all better off with strong crypto than without it.
As others have pointed out at other times, most crypto schemes fail due to weaknesses in implementation or human protocol reasons, not due to weaknesses in the underlying cypher, so there is still plenty of latitude for the NSA. Have you tempest hardened your PC lately? Checked your keyboard for surreptitious key-logging gear? Installed 24/7 armed security guards in the server room?
I resort once again to quoting Schneier, Applied Cryptography, Second Edition, pp157, 158: (slightly edited)
"One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information.
... an ideal computer running at 3.2deg Kelvin [temperature of the cosmic background radiation of the universe] would consume 4.4*10^-16 ergs every time it set or cleared a bit.
If we built a Dyson sphere around the sun and captured all of its energy for 32 years, without any loss, we could power a computer to count up to 2^192.
These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than mattter and occupy something other than space."
Of course, perhaps Quantum computing may change some or all of this, but I am not qualified to comment on that.
From: Ian Grigg
To: cryptix-users@cryptix.org
Subject: Rijndael is GREEN
Copies to: coderpunks@toad.com, cryptography@c2.net, cypherpynks@cyberpass.net, dbs@philodox.com, iang@systemics.com
Send reply to: iang@systemics.com
For Release 11.00 EDT Monday 2nd October 2000
Rijndael is GREEN
NIST chooses Rijndael as the Advanced Encryption Standard
Announced today in Washington, DC, the National Institute of Standards and Technology (NIST) has chosen Rijndael as the Advanced Encryption Algorithm for the 21st century.
Rijndael -- pronounced Rhine-Dahl -- is the creation of two Belgian cryptographers, Joan Daemen and Vincent Rijmen.
The Cryptix Development Team congratulates Vincent and Joan on their extraordinary achievement and announces the immediate release of the Cryptix JCE and Cryptix 3.2, both enabled with AES as Rijndael.
International Cryptoplumbing
An international team of open source crypto volunteers from The Cryptix Development Team supported the cryptographers participating in the NIST contest, efforts that were recognised with the award of a Certificate Of Appreciation from the United States Department Of Commerce.
Raif S. Naffah, from Australia, led the Cryptix AES Support Project which provided the Java code and tools for most finalists, including Rijndael, for submission to NIST.
Paulo Barreto, Brazilian mathematician and programmer, provided coding support for optimising Rijndael implementations; he has been coding and reviewing algorithms for the Belgian team for many years, including the predecessor to Rijndael, the Square cipher.
Free Crypto
Under the terms of the NIST contest, Rijndael is free and unencumbered for all purposes and all peoples. Cryptix developers have agreed to match this condition, and hereby place their Rijndael code in the public domain.
Normally, all Cryptix code is free for all purposes, but requires acknowledgement of The Cryptix Foundation as owners under an extremely liberal "BSD licence." Even this condition is now dropped for the Rijndael code, so that all commercial providers of Java cryptography, including Sun, Baltimore, RSA Labs, and IAIK, may quickly offer their customers the best code.
No Arms Race Need Apply
Cryptography has long been treated as a munition by the US government. Today's decision marks the end of an era stretching back to the days of Enigma and Magic intercepts. The new algorithm and the accompanying code base is absolutely unimpaired by political or commercial limitations.
As a science, cryptography is the special domain of mathematicians; formulas flow across borders as fast as emails. As an idea, the Rijndael cipher can be written out in 10 or so pages of paper, making it impermeable to regulations.
Fuel For The Revolution
As a tool, code for the new AES algorithm is less than 10,000 bytes, and thus cryptography slips into the average application with less implication on costs than the price of a new PC. As a building block, AES will help to fuel the new industrial revolution in electronic commerce. Ciphers such as Rijndael will keep valuable messages secure in the wild west of the Internet far better than the old methods of obscurity and regulation.
Released by The Cryptix Foundation Limited, a Nevis corporation dedicated to the spread of strong crypto.
Links:
NIST announces the winner of AES as Rijndael:
http://www.nist.gov/aes/
The Rijndael page of the Cryptography team, Joan Daemen and Vincent Rijmen:
http://www.esat.kuleuven.ac.be/~rijmen/rijndael/
Cryptix places Rijndael code in public domain:
http://www.cryptix.org/aes/
Cryptix products JCE and Cryptix 3 now released with Rijndael as AES:
http://www.cryptix.org/news/02102000.html
http://www.cryptix.org/products/jce/index.html
http://www.cryptix.org/products/cryptix31/index. html
http://www.cryptix.org/products/aes/index.html
About The Rijndael Team
Dr Joan Daemen is currently employed by Proton World International. Dr Vincent Rijmen is a cryptography researcher with Katholieke Universiteit Leuven in Belgium.
About Cryptix
Java cryptography was first provided under the label of Cryptix in 1996. The Cryptix Development Team now includes crypto- plumbers -- programmers who work with the algorithms and ciphers of cryptographers to produce code and applications -- from 8 countries and publishes the most popular Java cryptography suite.
Cryptix products are generally published under the BSD licence, making them free for all purposes when used with due acknowledgement as to source. The Cryptix implementations of Rijndael, written as part of our AES support project, are now placed in the public domain so that all commercial suppliers can proceed to support the AES without having to give any acknowledgement.
About National Institute of Standards and Technology
The National Institute of Standards and Technology (NIST), an agency of the U.S. Department Of Commerce, is charged by the US Congress with developing standards for industry. Many of its standards achieve world-wide acceptance, and the predecessor DES has been accepted as the de facto standard for encryption for three decades, albeit with much controversy.
About the Advanced Encryption Standard
In order to allay concerns of interference, NIST sponsored the open competition for the new algorithm, encouraging entries from around the world. Some 21 submissions were narrowed down to five finalists.
NIST encouraged competing cryptographers and the NSA (the world's largest employer of cryptographers and mathematicians) to critique the algorithms, building up a body of review that led to today's choice of the new standard.
End.
Because you can ...
No real crack after 17 or more years ... not too shabby.
If SDMI *really* want to, they could achieve this level of uncrackability, but will inevitably need to go to Trusted Client (watch this space, its coming ...).
In the end, the simplest thing may be to re-record it with a good mic and good speakers and re-compress to MP3 ... this will always be an option.
As for watermarking, there may be some tech that can withstand the re-recording process, but I once managed to break digimark pretty easily, using digimark itself, so I don't hold out much hope for watermarks to be a long term solution for anything much except one off scare prosecutions of some sucker who was stupid enough to get in the firing line.
for a bit of fun:
The Tao of Hacking Digimark"
It seems as tho it is excess energy radiating out for free, but as soon as you try to use it to do anything, it places a load on the system.
A big pile of incomprehensible crap in the main, but there you have the famous lines, attributed correctly.
what the napsters and others do is change the rules (but really, they are just the end result of various technological processes and progresses), so it will be interesting to watch what happens.
The napsters and the Free Software movement are interesting developments, and point the way forward to a more enlightened use and control of information.
I mean, this is interesting, you can argue that Michael Jordan is only so rich due to copyright law. If anyone could broadcast a basketball game, how much would he be worth?
The motto of the Rothschild family is (I'm told) "Knowledge is power, and prior knowledge is profit"
Control of information is really the basis of capitalism, and most of the inequalities and general economic nastinesses of this world can be traced back to this.