Have you ever noticed how you never hear the names of these Chinese researchers...Professor Xiaoyun Wang and her colleagues (for SHA-1, Yiqun Lisa Yin and Hongbo Yu) have broken the greater share of the popular hash functions: MD4, MD5, SHA-0, SHA-1, RIPEMD...and the only name that gets mentioned is "Bruce Schneier reports that Chinese cryptographers...". Not to belittle Schneier, but what these anonymous "Chinese cryptographers" have achieved is exceedingly significant in the field of cryptography, and the least we can do is mention their names occasionally, right?
Except that Colossus and Heath Robinson were used to break the Lorenz cipher, not Enigma.
LOL, I'm one of the authors of that page.
You're misinformed, I'm afraid. Most of the Polish techniques relied on exploiting weak indicator systems used by the sender to convey the start positions of the Enigma rotors to the recipient. The indicator system was changed in May 1940, obsoleting the Polish techniques. British codebreakers responded with other methods, primarily the Turing-Welchman bombe, which required a short "crib" of known plaintext (most of the Polish techniques were ciphertext-only attacks).
I would also question whether the Polish mathematicians (Marian Rejewski, you're thinking of) actually introduced new theorems into mathematics. I believe that the theorem which is sometimes called "the theorem that won World War II" was already known. Rejewski's insight was that this branch of abstract mathematics could have an application in cryptanalysis -- something that nobody had ever thought of before.
Breaking Enigma wasn't a one-off event (like breaking an egg). You had to do it each time the settings changed, which was at least once a day. So it's quite accurate to say that Bletchley Park broke Enigma, and that Polish mathematicians broke Enigma (and the US too). As considerable as the Polish work on Enigma was, the British work was certainly quite comparable as an accomplishment in its own right.
It is true that the Polish contribution is often overlooked, but we needn't diminish BP in order to rectify that state of affairs.
Well, the current director of Bletchley Park is a woman -- Christine Large. Not sure she'd be most /.-ers cup of tea, though:
http://www.hijackingenigma.com/Hijacking%20Website/christineanddougrayscott.gif
Yes, it's certainly hyperbole.
(A bit off-topic, but, because it's not as widely known as it should be, it might also be good to point out the considerable contributions of Polish and American codebreakers to the reading of Enigma. The Polish had been solving Enigma since the end of 1932. Shortly before the start of World War II, they passed their techniques and knowledge onto the British. Without the Polish head start, it would have taken Bletchley Park much longer to get going on Enigma (if at all). The US chipped in later.)
The problem is we have very little information to go on when it comes to the NSA's abilities. Sure, we know they knew about differential cryptanalysis 20 years before academia, but that's only one data point; it's dangerous to extrapolate too much (although it's great fun to speculate!)
Consider, it took the IBM cryptographers less than five years to discover differential cryptanalysis (they called it the "T-attack"), so maybe open academia were simply unlucky or unfocused when it came to block cipher cryptanalysis?
ROFL, yeah, what the? I've absolutely no idea why people found the correction post to be so incredibly informative. A candidate for some "overrated" moderation if ever there was one.
A link to Wang's SHA-1 paper has been in the "References" section of the Wikipedia article in every version since this story came on Slashdot.
I don't have a problem with you missing the links. I just think you should have double-checked the article more carefully when it was pointed out to you that the papers were actually there after all, and not started with the "stirring up trouble" and "still a troll" jibes.
On the 18th of August, the Wikipedia SHA-1 version was this:
http://en.wikipedia.org/w/index.php?title=SHA_hash_functions&oldid=21254038
It contained the following in the External Links section:
* "Research paper containing the details of the attack on SHA-1" on Cryptome.
This stayed in the article until, as you noted, the wonderful Matt Crypto updated it to point to the papers directly on Wang's website.
There was a link to Wang's paper in the Wikipedia article at the time this story was posted.
Go to the Wikipedia article. Go back to the version when this Slashdot article was posted. Search for "The paper with a the full attack description is now online. [8]". Since then, the article has been updated with references to the CRYPTO 2005 papers. At no point has the Wikipedia article been without a link to Wang's work.
What I'm annoyed about is that you're evidently too lazy to look at TFA to find these papers, even when people tell you that they're there.
Links to papers were provided in Bruce's blog and the Wikipedia article.
The Wikipedia SHA-1 article and Bruce's blog both link to the papers published at CRYPTO 2005.
Do you understand the difference between a hash function and a cipher? It doesn't appear so. And why on earth, if these researchers were indeed working nefariously for the Chinese government, would they try to publish their results at an American conference? Hmm, yeah...a good conspiracy theory, that one.
Xiaoyun Wang and Hongbo Yu write their names that way in their papers and on their website; that's good enough for me.
Oh, I remember. This is Slashdot and you're trolling. Silly me.
I was saying that the second SHA-1 provides no extra protection against collision attacks, so you might as well not have it there.
Oh, I must be tired: Shamir is, of course, the *S* in RSA. Crikey.
Two of the Chinese researchers (Xiaoyun Wang and Hongbo Yu) were due to present their SHA results at the CRYPTO 2005 conference in the US, but were denied visas in time to attend. Adi Shamir (the A in RSA) ended up announcing this latest result on their behalf.
http://cipher-text.blogspot.com/2005/08/visas-for-chinese-crypto-researchers.html
You missed it; search the Wikipedia article linked in the story.
Hard to say, but it'd be harder than either of MD5 or SHA-1 on their own. But there's no point in taking the SHA-1 of the string the second time, if you're trying to avoid the collision attacks. This is because if it's collided before the second SHA-1, it'll collide after, right?
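The point made in that comment (an inner collision propagates through any outer hash, so SHA-1(SHA-1(x)) gains nothing against collision attacks, whereas concatenating two different hashes at least forces a simultaneous collision) can be checked directly. The following Python is an added illustration, not code from the thread or from any of the researchers mentioned. Because no real SHA-1 collision is produced here, it uses constructed toy hashes (SHA-1 and MD5 truncated to 24 bits) so that a birthday search finds a collision in a few thousand tries; the function names and the `TRUNC_BYTES` setting are this example's own assumptions.

```python
import hashlib
from typing import Callable, Dict, Tuple

# Constructed toy setting: truncating to 24 bits makes a collision findable
# in roughly 2^12 hash calls. The argument is identical for full-width SHA-1.
TRUNC_BYTES = 3


def truncated_sha1(data: bytes) -> bytes:
    """Toy 'inner' hash: the first 24 bits of SHA-1."""
    return hashlib.sha1(data).digest()[:TRUNC_BYTES]


def truncated_md5(data: bytes) -> bytes:
    """Second, independent toy hash used for the concatenation construction."""
    return hashlib.md5(data).digest()[:TRUNC_BYTES]


def full_sha1(data: bytes) -> bytes:
    """The 'second SHA-1' from the thread, applied to the inner digest."""
    return hashlib.sha1(data).digest()


def find_collision(h: Callable[[bytes], bytes], prefix: bytes = b"msg-") -> Tuple[bytes, bytes]:
    """Birthday search: hash counter-derived messages until two share a digest.
    Deterministic for a given prefix, so repeated runs return the same pair."""
    seen: Dict[bytes, bytes] = {}
    i = 0
    while True:
        m = prefix + str(i).encode()
        d = h(m)
        if d in seen:
            return seen[d], m
        seen[d] = m
        i += 1


def double_hash(data: bytes) -> bytes:
    """Hash-it-twice construction: SHA-1 over the inner (toy) digest."""
    return full_sha1(truncated_sha1(data))


def concat_hash(data: bytes) -> bytes:
    """Concatenation construction: two different hashes of the original input."""
    return truncated_sha1(data) + truncated_md5(data)


def inner_collision_survives_double_hash() -> bool:
    """Any inner collision is, by construction, also a collision of the outer
    composition: the outer hash only ever sees the (equal) inner digests."""
    x, y = find_collision(truncated_sha1)
    assert x != y and truncated_sha1(x) == truncated_sha1(y)
    return double_hash(x) == double_hash(y)


def inner_collision_breaks_concat_hash() -> bool:
    """The same pair does not collide in the concatenation (except with
    probability 2^-24 here), because the second hash sees the distinct inputs."""
    x, y = find_collision(truncated_sha1)
    return concat_hash(x) != concat_hash(y)


if __name__ == "__main__":
    x, y = find_collision(truncated_sha1)
    print("inner collision:", x, y, "digest", truncated_sha1(x).hex())
    print("double hash still collides:", inner_collision_survives_double_hash())
    print("concat hash collides:", not inner_collision_breaks_concat_hash())
```

The concatenation check is only an illustration of why a simultaneous collision is required; it says nothing about how much extra effort that actually costs an attacker against the real functions.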
The old RIPEMD was announced broken at the same time as the attacks on MD5 etc. There have been no attacks announced either for the new RIPEMD-160 hash and related variants, or for the longer SHA-2 variants (SHA-224, SHA-256, SHA-384, and SHA-512).
All these hashes are in the same family, but it's not clear at present how likely it will be that attacks will be found on the longer RIPEMD/SHA variants.
I believe Yin presented two papers on the SHA attacks at CRYPTO 2005 a couple of days ago, and the papers had been circulating publicly for a while before that.
Even if they are unpronounceable ;-)
http://cipher-text.blogspot.com/2005/08/court-case-falls-apart-because-of-md5.html
Just wanted to say, "you think vaguely like me, so hi".
And yes, the lawyer's statement is quite stunning.
> Because dealing with prize money causes acute rectal discomfort and is more trouble than it's worth.
Oh, interesting -- how come? The difficulty in working out the share of everyone involved in the effort?