It's not the same: prohibiting people from worshiping on Saturday is the sanctioning of Sunday-worshipers over Saturday-worshipers and is thus implied as establishing Sunday-worship as a National Religion.
I beg to differ. Please find me a Con Law professor, reference or Federal court decision which finds them to be substantially different.
If the government is allowed to circumvent a ``shall not'' in one Amendment, they can then apply the exact same logic to circumvent any other Amendment. The reference for that one, by the by, is Alan Dershowitz.
I'm not a Second Amendment enthusiast because I love guns. I defend the Second Amendment because I really, really love the Fourth.
A well regulated militia, being necessary to the security of a free state, the right of the people to keep and bear arms, shall not be infringed.
Please explain how that phrase means that you can carry a concealed weapon.
Simple. The ``shall not be infringed'' means Congress lacks the authority to infringe, in whatever manner, on the individual's right to keep and bear. ``Bear'' means ``carry''. Putting a no-concealed-carry restriction on the Second Amendment means that the right to keep and bear arms is being infringed by Congress--an explicit Second Amendment no-no.
Up until the Fourteenth Amendment came along, states had an unlimited right to enact gun control measures--as was appropriate, since the state was tasked with regulating the militia (as was hinted at in the preparatory language). Ever since the Fourteenth Amendment, though, things have gotten considerably muddier.
I am marginally in favor of gun control laws being applied at the state level. But it's pretty clear that Congress' hands are tied pretty tightly on the gun-control issue. Please don't mischaracterize my position as one of unlimited Second Amendment freedom--the Second Amendment, as originally drafted, merely meant the Federal government could not enact gun control law.
It is not their prerogative, however, to conduct an independent investigation to gather physical evidence, subpoena witnesses, etc. as it is under Finnish and Soviet law.
Please read up on Judge John Sirica's actions during Watergate. You might be extremely surprised by what you learn.
but my point of contention has always been fundamental differences
Sure, as long as you define ``fundamental differences'' narrowly enough. Every time you make an assertion about American courts, I show a historical situation which shows you're wrong, and you go about decrying it as ``insignificant''. Well, of course they're insignificant, as long as you're the one who gets to dictate what's significant. I'm not inclined to let you, though.:)
If you were to draw up a taxonomy of legal systems, the American legal system is going to be placed in or near the "common law" category because that is whence it derives most of its procedures, particularly those relating to the gathering and presentation of evidence in a trial
Oh, why stop there? After all, both Finnish and American courts inherit from the Code of Hammurabi and Justinian's Code, so there are no significant differences between them, right? After all, they both inherit from the same places.
Or, alternately, they're related because Gustavus Adolphus had a significant role in forming both. Gustavus' dream of a Corpus Evangelicorum may not have come true in his life, but he certainly had a tremendous effect in how Scandinavian and German governments were arranged and organized. Many of Gustavus Adolphus' developments were borrowed by Americans and English later, so doesn't that mean they're all related?
Etc.
You get the idea. Whether or not the American legal system is ``based on'' the British legal system is true only if you take an idiosyncratic view of what it means to be ``based on''. The American legal system stands on its own, with influence from other systems, most notably the British--but that doesn't make American courts ``based on'' British courts.
Think about Linux for a moment. Is Linux ``based on'' SunOS? Is it ``based on'' SVR4? Is it ``based on'' FreeBSD? No. It borrows from all of the above plus some, but it stands on its own, independent and co-equal to those from whom it borrowed.
For instance, the difference between the judges' roles in the two systems is negligible compared to that with the judge's role under Soviet-style law, where he is an inquisitor charged with gathering evidence. IIRC even in civil law, the judge has inquisitional powers which he may choose to invoke if he feels the prosecution or defence has failed to gather sufficient evidence
You mean, like the United States courts do?
Check out John Sirica, a United States Federal judge who had the misfortune of hearing the Watergate case. When the government prosecutors went easy on witnesses (in order to protect Nixon), Sirica started interrogating witnesses himself in order to get to the bottom of things.
The White House complained mightily about ``Maximum John's'' method of handling his courtroom, but the Supreme Court backed Sirica up every step of the way.
Just because Federal judges rarely invoke their right to conduct interrogations doesn't mean they lack that power.
Historically speaking, US law is basically British, as opposed to the civil (Roman) law prevalent in most of Western Europe. I am not saying that the legal systems of America and Britain are identical, but rather that there is a strong ancestral relation between the two.
Which is true, as far as it goes. It is not true to say that the courts are based upon a British model. For instance,
Review of Law: In England, courts do not review law to determine whether the laws themselves are legal. England lacks a Constitution, which means Parliament can pass essentially anything which pleases it.
Evidentiary Procedure: In American courts, the judge's only role in evidentiary procedure is to determine whether or not something is admissible as evidence--whether that be material evidence, or the evidence as given by an eyewitness. In British courts, the judge receives considerable leeway to tell the jury ``you may trust this if you like, but I certainly wouldn't''.
Courts of Law versus Courts of Equity: In America, every court of law is a court of equity as well. I'm uncertain as to whether they've been unified in British courts, but at the time America separated from Great Britain, British courts were separated along those two lines.
Status of the Judiciary: In America, the judiciary is explicitly granted co-equal status with the Legislature and the Executive. President Bush makes the news a fair bit and the Speaker of the House slightly less so, but most people don't understand that Chief Justice Rehnquist is co-equal to them in the grand scheme of things.
... I could go on, but you get the idea. While there's an awful lot of shared history there, the United States Judiciary is not based upon an English model--it is its own separate entity. It has adopted much from the practices of English courts, but that doesn't make it ``based upon'' English courts any more than a Chevy is ``based upon'' a BMW just by virtue of having four wheels, an engine and a steering column.:)
It is. But by all means, look up the principles of Constitutional law in an (American) law library of your choosing.
Do you have a cite?
Only in treeware form. If you have access to Black's, I'd suggest starting your search there. I'll look around for Web-based cites, if you like.
How do the courts deal with issues of jurisdiction?
The exact same way they deal with every other issue of jurisdiction.
Can a state court find a federal law unconstitutional?
No. State courts can find state law to be in violation of the state constitution, and the Federal courts can find state or Federal law to be in violation of the Federal Constitution.
Yes, each and every state in the Union has its own Constitution, just as the nation has a Constitution.
is the law erased everywhere, or just in that state?
Depends on the jurisdiction of the court in question. Let's take Iowa as an example (for the sole reason that I know the legal districts). There are two regions of Federal jurisdiction in Iowa, the Northern and the Southern Districts. If a judge in the Northern District declares a law to be unconstitutional, then the law is void ab initio everywhere in the Northern District of Iowa--but it's in full force in the Southern District of Iowa, as well as the rest of the country.
Let's say the government appeals that verdict to the Eighth Circuit Court of Appeals, which operates primarily out of St. Louis, Missouri or St. Paul, Minneapolis (they keep offices in both places). The Eighth Circuit has a jurisdiction that covers most of the central United States. Iowa, Minnesota, the Dakotas, Missouri, Arkansas, etc. Let's say the Eighth Circuit affirms the lower court and agrees that the law is unconstitutional.
Suddenly the law is nullified, ab initio, throughout the entire scope of the Eighth Circuit's jurisdiction.
If the government wants to appeal it from there, it goes to the Supreme Court (and there's no guarantee they'll hear the case; the Supreme Court is permitted to refuse to hear appeals, mostly due to the enormous number of requests they get). If the Supreme Court finds that the law is unconstitutional, then the law is nullified ab initio throughout the entire United States, plus its associated territories like Guam, the Virgin Islands, Puerto Rico, etc.
which, like American law, is based on British law
I beg your pardon. American law is not based upon British law. We incorporated the whole body of English common law into American common law after we won our independence, but our legal traditions are not British in origin. In Louisiana, much of the law owes more to the Napoleonic Code than to English courts.
There are strong (very strong!) similarities between American and British courts, but I wouldn't say American law is ``based upon'' British law.
British law, for instance, has no concept--no concept at all--of rights which belong to free people which no government can lawfully or morally deprive. American law is rife with them; the entire Bill of Rights, for instance.
An Ontario court ruled it unconstitutional, but it's still on the books, and you can still be prosecuted for it in the other provinces and territories.
But you can't be prosecuted for it in Ontario, where it's been found null ab initio.:)
Please learn what law is before you go about talking about words like ``guilt''. Let the first lesson commence.
You can only break a law which exists. If there's no law against eating peanut butter and jelly sandwiches on Thursdays, then you can't be guilty of committing the crime of eating peanut butter and jelly sandwiches on Thursdays, can you?
Unconstitutional laws do not exist. This is a cute little piece of judicial fiction, but it makes sense once you think about it. If unconstitutional laws were just simply voided, then that would be an acknowledgment that at one point they possessed legitimacy. Unconstitutional laws never possess legitimacy in the eyes of the court; as soon as the court formally finds that a law is unconstitutional, that law is nullified ab initio, from the very beginning. The law was, in essence, never passed in the first place. It couldn't be passed--because Congress only has the authority to pass laws which are in accordance with the Constitution.
Dmitry may believe the DMCA is unconstitutional. God knows I do. Since unconstitutional laws don't exist--see the above point--Dmitry cannot be guilty of breaking an unconstitutional law--see the first point.
... So please don't say another word about how ``he's clearly guilty of violating the DMCA''. He's not. He's only guilty of violating the DMCA if the DMCA is Constitutional. That's a matter for the court to decide.
Did he violate the DMCA? Certainly. Congress is free to say anything they like, including free to say people shouldn't eat peanut butter and jelly sandwiches on Thursdays.
Is he guilty of violating the DMCA? That's a far different question. Am I guilty if I eat a peanut butter and jelly sandwich on a Thursday? Only if there's a law which forbids it--and since there's no law, I'm not guilty of a damn thing.
The court's duty is to enforce the existing law, not to ratify or amend it. As I understand American law, the judge is not at liberty to simply say, "Well, this law is clearly unfair. Therefore we'll just have to release Mr. Sklyarov."
Are you high?!
That was, honestly, my first gut response to your message. You're operating under a critical, severe misunderstanding of how American jurisprudence works.
The Constitution is the supreme law of the land. No ifs, ands or buts here. The Constitution is this nation's highest law; so high, in fact, that it automatically trumps any other law which comes into conflict with it.
No unconstitutional laws exist.
This is actually a little judicial fiction that lawyers tell themselves, because unconstitutional laws are passed on a regular basis. However, the instant that a judge finds a law to be in conflict with the Constitution--i.e., there's a formal finding by a court that a law is inconsistent with the nation's highest law--then the law in question is not merely voided. If it were voided, that would mean at one point it was enforceable. Laws which are held to be unconstitutional are retroactively erased; they are invalid ab initio, from the very beginning. Is the law unconstitutional? If so, then that law doesn't exist and, more to the point, never existed in the eyes of the court.
The judge must uphold the law. A judge is responsible for seeing to it that the laws are properly applied--including the Constitution, the nation's highest law. A judge who will not judge laws for Constitutional correctness is a judge who is utterly incompetent for the bench, and who needs to be impeached.
... If the DMCA violates any of Dmitry's rights under the Constitution--and note that he has a hell of a lot of rights, even though he's a foreigner--then that's it; game over; prosecution loses.
No, I can't support this interpretation because it's unconstitutional. Once the government gets into the business of banning weapons, they can just as easily get into the business of banning religions. There's not much difference between ``those damn handguns! We have to get rid of them!'' and ``those damn Jews! We have to get rid of them!''
If you want to support a Constitutional amendment which would change the wording of the Second Amendment, more power to you. I have no objection at all to people who wish to amend the Constitution to achieve their gun-control objectives. The amendment approach has intellectual integrity; it doesn't try and spin and contort words until the entire Constitution is left inconsistent as an e2fs partition after a five-year old has been playing with the power switch.
But that begs the question of why the preparatory clause was included in the first place, if not to modify the operative clause. None of the other original amendments have similar wording.
To give context. Or, alternately, for linguistic elegance. The Preamble to the Constitution gives context to the Constitution, even though it's not operative language. For instance, even though the operative language clearly says "the right of the people to keep and bear arms shall not be infringed", the preparatory language explains the intent of the Amendment is to provide for a well-regulated militia--or, to use modern language, an "assembly of armed citizens equipped appropriately for military operations".
I was simply pointing out that it can be interpreted in other ways.
Oh, I know it can be interpreted in other ways. I just don't think the collectivist interpretation holds any water at all, and I loudly point out the problems with the collectivist interpretation whenever anyone brings it up.:)
[T]hey have no objection to moderate, regulated gun use.
But they won't stand up for gun users, either. That's why I'm not a member of the ACLU. Instead of standing up for a civil right, they quietly duck behind a sophistic argument wherein the Second Amendment isn't a civil right at all (i.e., not a right possessed by individuals), and thus they don't need to worry about it.
That's why, when I'm feeling particularly snippy, I call them the American Civil Liberties We Like Union.:)
Sure, Congress can ban guns and say ``everyone is permitted to carry a club''.
Just like they can ban worship services on Saturdays and tell the Jews and Muslims and Seventh-Day Adventists, ``oh, get over it, everyone's permitted to worship on Sundays''.
The two are equivalent. The two are equally illegal.
I don't see how that equates to carrying a concealed weapon
Simple. Congress has no authority to outlaw it. At the time the Constitution was drafted, the Bill of Rights applied only to the Federal government, meaning it was still lawful for a State government to have an established church (Massachusetts did, for instance), or to forbid their citizens the ownership of weapons. But once the 14th Amendment was passed, and people enjoyed all the protections at the State level that they enjoyed at the Federal level, most state gun control laws also became invalidated.
Note that this doesn't really seem to prevent the states from passing more laws, but hey.
The problem is the inconsistency still exists. The first clause, regarding the well-regulated militia, is preparatory language; the second clause, ``the right of the people'', is the operative language.
The preparatory gives context to the operative, but the edict the government must adhere to is the operative clause--not the preparatory. To elevate the preparatory to the level of operative would invalidate most Federal law existing today--after all, the preparatory language to the Constitution is full of high philosophical ideals which modern Federal law mostly fails to uphold, and as such, if the preparatory language is considered to be operative language, we wind up with another inconsistency problem.
The other problem is that the Constitution already authorizes Congress to field an army for national defense. If the collectivist interpretation was the correct one, then the Second Amendment would ambiguate the Constitution--because Congress may field an army (but is not required), but the entire Bill of Rights is viewed as affirmative law, establishing what the Government must do--i.e., it must not infringe upon the right to free exercise of religion, etc.
And if the Second Amendment is a collectivist right which can only lawfully be implemented by a Legislature, then why was it not amended into the Constitution in the same Article which enumerates the powers of the legislature?
Essentially, the collectivist interpretation (a) ambiguates the usage of ``the people'' throughout the Bill of Rights; (b) it ambiguates the Constitution, changing a MAY permissive into a MUST imperative (to use RFC terms); (c) it ambiguates the very structure of the Constitution by ambiguating the places in which the various powers of the government are delineated.
In essence, the collectivist interpretation makes sense only if you suspend your disbelief.
I know, I know--it's not exactly politically correct in this day and age to say, ``No. That idea's not worth the paper it's printed on. It has no concrete basis in reason or fact.'' I never quite adopted the twentieth- and twenty-first century reluctance to apply judgment to ideas, though--if someone can present a logically consistent framework for their ideas, then I'll grant their idea has validity even if I vehemently disagree.
But if the logical framework is insufficient to support the weight of the proposition, then I have to say, clearly, ``no''.
--I am, by the way, not an NRA member, nor am I fond of their political aims or methods. It is certainly within the rights of the states to pass laws to establish good order in the militia--but most gun control laws nowadays don't even bother with making an attempt at finding Constitutional grounds. They just get passed anyway.
... their explanation is a load of hooey, as any first-year law student can point out. The problem rests in the usage of the word ``the people''. According to the ACLU, ``the people'' in the Second Amendment refers to a collective right held by the State, not an individual right held by the people.
If we are to believe this, then every other instance of ``the people'' in the Bill of Rights needs to be interpreted identically. Otherwise, we wind up in a state of Constitutional inconsistency. While it is not impossible from a legal perspective to have the same phrase mean two completely different things, it is certainly deeply frowned upon.
This is the strongest argument in favor of the Second Amendment being an individual right, not collectivist--because any other interpretation would strip us of all our individually-held rights under the Constitution.
Alan Dershowitz (a well-known and respected attorney) is fervently opposed to firearms, but even he acknowledges the importance of viewing the Second Amendment as protecting an individual right--as Dershowitz says, ``any argument that can be used to take away someone's Second Amendment rights will sooner or later be used to take away their First Amendment rights.''
The ACLU is walking down a very slippery slope here. They know it's a slippery slope, and they don't care. It would be too hard, and too politically unpopular, to defend the Second Amendment. So they don't.
Personally, I think there's a spot in hell close to the fire saved especially for those people who lack the courage to defend the things they do not like in order to stand up for the things they do.
This is no big slight on GCC, because to the best of my knowledge, no other compiler implements export either. Still, it's wrong to claim GCC is ISO C++ compliant. It's not.
Bruce is the Issac Azimov [sic] of cryptography, not its Einstein or Newton.
Asimov had a PhD in biochemistry and taught at Harvard. In addition, he's one of a (very) few authors who ever published in every single categorization of the Dewey Decimal System. Asimov was one of the world's true Renaissance men, the last of a dying breed.
I would suggest you examine Asimov's curriculum vitae if you really wish to claim that Asimov was not among the top rank of scientists.
3DES is in such a way that the complexity of breaking 3DES is only twice that of breaking DES, despite having three times the key length. That is what makes it a bad cipher, the fastest known attack is well short of brute forcing the keyspace.
As I said, have your doctor up your antipsychotic medication. 3DES is not a bad cipher. It has its share of warts and foibles, but those warts and foibles are extremely well-known and no-one, absolutely no-one in the published world of cryptanalysis has ever come up with even a marginally feasible attack against it.
Regarding it needing 196 bits of key (3 64-bit keys) to get 112 bits of entropy, who cares? Really? Use a cryptographically secure PRNG and you can generate 196 bits trivially. If you've got a really sensitive secret, then invest in a true RNG and generate 196 bits that way. It's not a limitation in any sense of the word.
Regarding it being slow, fine, I'll grant you that. It's slow. That means it's unsuitable for certain applications which operate in extremely narrow time constraints. But for the rest of them, 3DES is a champ.
it is merely an extension of a previously broken cipher
DES has never been broken.
Its keyspace has been exhausted by brute force. That doesn't mean DES has weaknesses which have been exploited via cryptanalysis. That's what the word ``break'' means in the cryptanalytic field.
None gives perfect non-repudiation
Thank you for conceding the point.
He has mellowed considerably since the FBI got off his case
Well, gee. If I was facing a Federal investigation and multiple felony counts, I'd be prickly, too. But, as you say, he has ``mellowed considerably''. Which means he is no longer ``combustible''. Thank you for conceding this point.
However rather than leverage that deployed base you and the rest of the OpenPGP community spend your time explaining to people why they shouldn't use it.
Please find me a single post I've made, either on USENET or on Slashdot, where I've come down opposed to any reasonable email encryption standard.
As I said before, if you're going to slander a man, you should at least check the facts first.
Wether [sic] or not the law is constitutional is decided in the appellate courts.
No. Any Federal District Court in the land can declare any law to be unconstitutional. It's not exclusively a matter of Circuit or Supreme jurisdiction.
(District Court = local, regional Federal Courts. Circuit Court = appellate court. Supreme = Supreme Court of the United States.)
however he is not regarded in the field as being of the very front rank
On the contrary. I'm in the field, and I regard him as part of the very front rank. I wouldn't say he's another Coppersmith, but he is undoubtedly top-drawer. I'd rank him above Rabin, in fact--unlike Rabin, Schneier knows his limits. (See Rabin's brain-damaged "unbreakable encryption scheme" if you want to see what I mean.)
The only reason to use 3DES is if you are forced to
... Or if you absolutely must have the most well-regarded, most-trusted cipher in history. Remember that the best attack against DES has complexity 2**37, and that's with 2**47 chosen plaintexts. This is a lot... one thousand terabytes of chosen plaintext.
That's a minimum of a complexity 2**74 attack against 3DES, requiring 2**97 bytes of chosen plaintext. If you want to call that a practical attack, you can... but I'm not that bold.
But 3DES is not a good cipher
Please tell your doctor that your antipsychotic dosage needs to be upped. You're hallucinating madly again.
it is slow and is subject to a meet in the middle attack
Slow, yes. Susceptible to a meet-in-the-middle, no. Schneier, 12.3: "[If DES were a group], DES would be vulnerable to a meet-in-the-middle known-plaintext attack that runs in only 2**28 steps".
DES is, however, not a group.
One problem with PGP is that it only really works well for confidentiality. It does not handle non-repudiation too well.
Please point me in the direction of an implementable protocol which does provide perfect repudiability.
The non-technical problem with PGP is the somewhat combustible nature of Phil Zimmermann. He is somewhat high maintenance.
I know Phil. He's one of the lowest-maintenance people I've ever met. Friendly as all get out, and patient with newbies. Would you care to enlighten me as to his ``combustible'' nature?
except Phil's NIH policy
Strange. Bass-o-Matic was IH, and Phil ditched it like a hot potato for IDEA (NIH) when it turned out Bass-o-Matic was trivially weak.
If you're going to slander a man, you could at least be bothered to make sure your accusations are accurate.
Your assumption is correct only if the plain text is greater in length than the repetition frequency of the "pseudo" random sequence.
You're wrong, too. Let's say that the last 140Mb of the PRNG output is the same as the first 140Mb, since after 512Mb it went periodic. Now let's say you've got the Gettysburg Address stored at location 0 on the CD-ROM.
Well, gee, great. You can't read what's at position 0, because you don't have the corresponding part of the pseudo-OTP... wait, yes you do, because 513Mb-rest-of-disk is exactly the same as the pseudorandom output used to encrypt the plaintext in the first place.
XOR it with itself and you recover the Gettysburg Address.
Thus, even if the plaintext is vastly smaller than the repetition rate, you're still in jeopardy.
Moral of the story: don't use a scheme this naive.
The trick is conveying this sequence to the intended receiver in a secure fashion.
The trick is creating the random numbers in the first place. There are some PRNGs which have outputs suitable for Monte Carlo simulations; others which are suitable for quick randomish values; others which are good for this, that and the other. Cryptographically secure PRNGs are extremely difficult to come by, and unless someone has done formal cryptanalysis on a PRNG, I won't use that PRNG.
The premise of a one-time pad (OTP) being unbreakable is sound provided the key is used once and only once and then positively destroyed.
The pads don't have to be destroyed; they just have to never, ever fall into the hands of the enemy. Destruction is not a necessary condition. A necessary condition that you did not mention is that the key material must be absolutely, totally entropic. Not pseudorandom, not random-seeming... absolutely, totally entropic.
This is no different from running a cipher in OFB8 mode. Which also happens to generate a long stream of pseudorandom values. Which also happens to be susceptible to cryptanalysis.
The reason why? Collisions. If the numbers were totally random, you'd expect any given group to repeat itself after a random interval. You don't see that with the output of pseudorandom number generators, or ciphers running in OFB8.
That tells a cryptanalyst that you're not using random numbers, which means the data wasn't encrypted with a one-time pad.
And that, my friend, means it's 100% breakable encryption.
Using a good pseudorandom number generator like YARROW-160 will provide you with 160 bits of entropy. Using a bad pseudorandom number generator, like, say, a cipher in OFB8 mode, is tempting but wrong.
The reason why is that people naively believe that "well, if I seed my Blowfish key with 448 bits of entropy--its maximum--then my output will have 448 bits of entropy." Which is true, as far as it goes... but it goes periodic after only 2^32 bits. Or about 512 Mb.
That means if you fill a CD-ROM with the random-seeming output of Blowfish in OFB8 mode, you'll wind up repeating your output for the last 140Mb or so. And at that point, it's trivial cryptanalysis to recover the original plaintext.
Short version: if you want to use a one-time pad, you ABSOLUTELY MUST USE REAL RANDOM VALUES, NOT GENERATED PSEUDORANDOM VALUES. If you don't do this, then it's not a one-time pad and it doesn't enjoy the unbreakable nature of a one-time pad.
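The wraparound described in the comments above (a pad cut from a generator whose output has gone periodic, with the Gettysburg Address encrypted at position 0), as an added example that is not part of the original comments. The generator is a constructed 16-bit toy, not Blowfish in OFB8, and the sizes are scaled down to keep the 650:512 ratio of disc size to period; all names are hypothetical.

```python
import secrets

# Constructed, scaled-down numbers: the comments describe a ~512 MB period
# on a ~650 MB disc; here the same ratio is kept with a 64 KiB period.
PERIOD = 65536          # exact period of the toy generator below
PAD_LEN = 83200         # pad is longer than one period, shorter than two
ALERT_BYTES = 16        # a repeated run this long is not chance in random data


def toy_keystream(seed: int, nbytes: int) -> bytes:
    """Constructed toy generator: 16-bit LCG, high byte of the state is output.

    It stands in for any generator whose output eventually repeats; it is
    not Blowfish and not a model of OFB8 beyond "goes periodic".
    """
    state = seed & 0xFFFF
    out = bytearray()
    for _ in range(nbytes):
        state = (25173 * state + 13849) & 0xFFFF   # full-period LCG mod 2**16
        out.append(state >> 8)
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def repeated_tail(pad: bytes) -> int:
    """Length of the longest proper suffix of pad that is also its prefix.

    This is the KMP failure-function value for the whole pad. A pad that has
    wrapped around ends with a copy of its own beginning, so the value is
    large; for real random bytes it is almost always 0 or 1.
    """
    if not pad:
        return 0
    fail = [0] * len(pad)
    k = 0
    for i in range(1, len(pad)):
        while k and pad[i] != pad[k]:
            k = fail[k - 1]
        if pad[i] == pad[k]:
            k += 1
        fail[i] = k
    return fail[-1]


def pad_is_usable(pad: bytes) -> bool:
    """Pre-use check: reject a pad whose end repeats its start."""
    return repeated_tail(pad) < ALERT_BYTES


def demo():
    """Encrypt at offset 0, then decrypt using only the pad's tail."""
    pad = toy_keystream(seed=0x1234, nbytes=PAD_LEN)
    plaintext = (b"Four score and seven years ago our fathers brought forth "
                 b"on this continent, a new nation")
    ciphertext = xor(plaintext, pad)      # pad bytes 0 .. len(plaintext)-1
    tail_only = pad[PERIOD:]              # the part of the pad after the wrap
    recovered = xor(ciphertext, tail_only)
    return plaintext, recovered, repeated_tail(pad)


if __name__ == "__main__":
    plaintext, recovered, overlap = demo()
    print("bytes of pad that repeat the start:", overlap)
    print("recovered from tail alone:", recovered == plaintext)
    print("periodic pad accepted:", pad_is_usable(toy_keystream(0x1234, PAD_LEN)))
    print("random pad accepted:  ", pad_is_usable(secrets.token_bytes(PAD_LEN)))
```

Passing `pad_is_usable` only shows the pad has not already wrapped around; it does not turn generator output into a one-time pad.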
... except for Blowfish libraries written by half-assed, lazy programmers who can't be bothered to run their code past the Blowfish test vectors. Which are, for the record, conveniently available off Counterpane Labs' homepage.
While 95% of Applied Cryptography is still dead on the money--it's still the first book I recommend to people who want to make a serious study--some of its recommendations now look painfully naive. For instance, Schneier recommends IDEA almost without reservation in Applied Cryptography; but today we know that better-than-brute-force attacks exist for 4.5 round IDEA (a miss-in-the-middle attack, if I recall correctly).
While these attacks don't extend to the full IDEA algorithm, cryptanalytic attacks only get better with time--never worse.
Short version: Schneier recommends against IDEA today. Last I heard, he was wholeheartedly endorsing RIJNDAEL, Twofish and TripleDES.
For public-key algorithms, I'm actually really fond of Rabin. RSA (and ElGamal) is built on three totally unproven conjectures:
P != NP
Factoring very large composites is an NP problem (El Gamal: calculating discrete logarithms is an NP problem)
There is no other way to break RSA than by factoring large numbers (El Gamal: no other way to break it than by calculating discrete logarithms)
Rabin, on the other hand, is based on two totally unproven conjectures:
P != NP
Factoring very large composites is an NP problem
... Yes, Rabin has some problems--the ciphertext tends to be much larger than with RSA--but on the whole, it's on a much stronger mathematical foundation. There have been some interesting hints, throughout the years, that the third of RSA's assumptions is not valid--nothing to make any but the most out-there mathematicians drool, but hints nonetheless.
By dodging the third issue, Rabin manages to be (theoretically) safer than RSA for a given modulus size. The word `theoretical' is extremely important, though; putting algorithms into practice is a far different thing than analyzing them in theory!
For this reason, although I prefer Rabin in theory, in practice I really don't care much which algorithm you use--RSA, El Gamal or Rabin are all just fine.
For symmetric algorithms, there is one and only one option for the hardcore and paranoid cryptogeek. That option is TripleDES--either two or three subkeys doesn't matter all that much, but three is definitely preferred. No other symmetric algorithm in history has been cryptanalyzed as heavily as DES. No other symmetric algorithm in history has established as much trust as DES. While at 56 bits of key DES is too weak for anything serious, TripleDES (at somewhere between 112 and 168 bits of key, depending on who you believe) is solid as a rock.
Of course, it's slower than hell and rekeying takes forever. But hey. If you want only the best, most secure, most-trusted, nothing else even comes close.
While I generally agree with your assessment, let's put it in a little more focus here.
The detective responsible for the case, Mark Fuhrman, committed perjury on the witness stand and was exposed to the jury as being an unrepentant racist. That, in turn, meant that virtually all the evidence in the criminal trial was suspect. After all, most of the evidence went through Fuhrman's hands at some point. And if Fuhrman would lie on the witness stand, then it's also very possible that he would doctor evidence to ensure a conviction.
Fuhrman's perjury is what sunk the OJ trial. OJ was acquitted, as was correct. If the police cannot be trusted--and the LAPD clearly cannot, given Fuhrman and Rampart and Rodney King and every other scandal that's come along--then reasonable doubt will always exist as to whether or not someone arrested by the police is really guilty.
It's not the same: prohibiting people from worshiping on Saturday is the sanctioning of Sunday-worshipers over Saturday-worshipers and is thus implied as establishing Sunday-worship as a National Religion.
I beg to differ. Please find me a Con Law professor, reference or Federal court decision which finds them to be substantially different.
If the government is allowed to circumvent a ``shall not'' in one Amendment, they can then apply the exact same logic to circumvent any other Amendment. The reference for that one, by the by, is Alan Dershowitz.
I'm not a Second Amendment enthusiast because I love guns. I defend the Second Amendment because I really, really love the Fourth.
A well regulated militia, being necessary to the security of a free state, the right of the people to keep and bear arms, shall not be infringed.
Please explain how that phrase means that you can carry a concealed weapon.
Simple. The ``shall not be infringed'' means Congress lacks the authority to infringe, in whatever manner, on the individual's right to keep and bear. ``Bear'' means ``carry''. Putting a no-concealed-carry restriction on the Second Amendment means that the right to keep and bear arms is being infringed by Congress--an explicit Second Amendment no-no.
Up until the Fourteenth Amendment came along, states had an unlimited right to enact gun control measures--as was appropriate, since the state was tasked with regulating the militia (as was hinted at in the preparatory language). Ever since the Fourteenth Amendment, though, things have gotten considerably muddier.
I am marginally in favor of gun control laws being applied at the state level. But it's pretty clear that Congress' hands are tied pretty tightly on the gun-control issue. Please don't mischaracterize my position as one of unlimited Second Amendment freedom--the Second Amendment, as originally drafted, merely meant the Federal government could not enact gun control law.
It is not their prerogative, however, to conduct an independent investigation to gather physical evidence, subpoena witnesses, etc. as it is under Finnish and Soviet law.
:)
Please read up on Judge John Sirica's actions during Watergate. You might be extremely surprised by what you learn.
but my point of contention has always been fundamental differences
Sure, as long as you define ``fundamental differences'' narrowly enough. Every time you make an assertion about American courts, I show a historical situation which shows you're wrong, and you go about decrying it as ``insignificant''. Well, of course they're insignificant, as long as you're the one who gets to dictate what's significant. I'm not inclined to let you, though.
If you were to draw up a taxonomy of legal systems, the American legal system is going to be placed in or near the "common law" category because that is whence it derives most of its procedures, particularly those relating to the gathering and presentation of evidence in a trial
Oh, why stop there? After all, both Finnish and American courts inherit from the Code of Hammurabi and Justinian's Code, so there are no significant differences between them, right? After all, they both inherit from the same places.
Or, alternately, they're related because Gustavus Adolphus had a significant role in forming both. Gustavus' dream of a Corpus Evangelicorum may not have come true in his life, but he certainly had a tremendous effect in how Scandinavian and German governments were arranged and organized. Many of Gustavus Adolphus' developments were borrowed by Americans and English later, so doesn't that mean they're all related?
Etc.
You get the idea. Whether or not the American legal system is ``based on'' the British legal system is true only if you take an idiosyncratic view of what it means to be ``based on''. The American legal system stands on its own, with influence from other systems, most notably the British--but that doesn't make American courts ``based on'' British courts.
Think about Linux for a moment. Is Linux ``based on'' SunOS? Is it ``based on'' SVR4? Is it ``based on'' FreeBSD? No. It borrows from all of the above plus some, but it stands on its own, independent and co-equal to those from whom it borrowed.
For instance, the difference between the judges' roles in the two systems is negligible compared to that with the judge's role under Soviet-style law, where he is an inquisitor charged with gathering evidence. IIRC even in civil law, the judge has inquisitional powers which he may choose to invoke if he feels the prosecution or defence has failed to gather sufficient evidence
You mean, like the United States courts do?
Check out John Sirica, a United States Federal judge who had the misfortune of hearing the Watergate case. When the government prosecutors went easy on witnesses (in order to protect Nixon), Sirica started interrogating witnesses himself in order to get to the bottom of things.
The White House complained mightily about ``Maximum John's'' method of handling his courtroom, but the Supreme Court backed Sirica up every step of the way.
Just because Federal judges rarely invoke their right to conduct interrogations doesn't mean they lack that power.
Which is true, as far as it goes. It is not true to say that the courts are based upon a British model. For instance,
- Review of Law
- Evidentiary Procedure
- Courts of Law versus Courts of Equity
- Status of the Judiciary
... I could go on, but you get the idea. While there's an awful lot of shared history there, the United States Judiciary is not based upon an English model--it is its own separate entity. It has adopted much from the practices of English courts, but that doesn't make it ``based upon'' English courts any more than a Chevy is ``based upon'' a BMW just by virtue of having four wheels, an engine and a steering column.
In England, courts do not review law to determine whether the laws themselves are legal. England lacks a Constitution, which means Parliament can pass essentially anything which pleases it.
In American courts, the judge's only role in evidentiary procedure is to determine whether or not something is admissible as evidence--whether that be material evidence, or the evidence as given by an eyewitness. In British courts, the judge receives considerable leeway to tell the jury ``you may trust this if you like, but I certainly wouldn't''.
In America, every court of law is a court of equity as well. I'm uncertain as to whether they've been unified in British courts, but at the time America separated from Great Britain, British courts were separated along those two lines.
In America, the judiciary is explicitly granted co-equal status with the Legislature and the Executive. President Bush makes the news a fair bit and the Speaker of the House slightly less so, but most people don't understand that Chief Justice Rehnquist is co-equal to them in the grand scheme of things.
I find it hard to believe that it's that simple
:)
It is. But by all means, look up the principles of Constitutional law in an (American) law library of your choosing.
Do you have a cite?
Only in treeware form. If you have access to Black's, I'd suggest starting your search there. I'll look around for Web-based cites, if you like.
How do the courts deal with issues of jurisdiction?
The exact same way they deal with every other issue of jurisdiction.
Can a state court find a federal law unconstitutional?
No. State courts can find state law to be in violation of the state constitution, and the Federal courts can find state or Federal law to be in violation of the Federal Constitution.
Yes, each and every state in the Union has its own Constitution, just as the nation has a Constitution.
is the law erased everywhere, or just in that state?
Depends on the jurisdiction of the court in question. Let's take Iowa as an example (for the sole reason that I know the legal districts). There are two regions of Federal jurisdiction in Iowa, the Northern and the Southern Districts. If a judge in the Northern District declares a law to be unconstitutional, then the law is void ab initio everywhere in the Northern District of Iowa--but it's in full force in the Southern District of Iowa, as well as the rest of the country.
Let's say the government appeals that verdict to the Eighth Circuit Court of Appeals, which operates primarily out of St. Louis, Missouri or St. Paul, Minneapolis (they keep offices in both places). The Eighth Circuit has a jurisdiction that covers most of the central United States. Iowa, Minnesota, the Dakotas, Missouri, Arkansas, etc. Let's say the Eighth Circuit affirms the lower court and agrees that the law is unconstitutional.
Suddenly the law is nullified, ab initio, throughout the entire scope of the Eighth Circuit's jurisdiction.
If the government wants to appeal it from there, it goes to the Supreme Court (and there's no guarantee they'll hear the case; the Supreme Court is permitted to refuse to hear appeals, mostly due to the enormous number of requests they get). If the Supreme Court finds that the law is unconstitutional, then the law is nullified ab initio throughout the entire United States, plus its associated territories like Guam, the Virgin Islands, Puerto Rico, etc.
which, like American law, is based on British law
I beg your pardon. American law is not based upon British law. We incorporated the whole body of English common law into American common law after we won our independence, but our legal traditions are not British in origin. In Louisiana, much of the law owes more to the Napoleonic Code than to English courts.
There are strong (very strong!) similarities between American and British courts, but I wouldn't say American law is ``based upon'' British law.
British law, for instance, has no concept--no concept at all--of rights which belong to free people which no government can lawfully or morally deprive. American law is rife with them; the entire Bill of Rights, for instance.
An Ontario court ruled it unconstitutional, but it's still on the books, and you can still be prosecuted for it in the other provinces and territories.
But you can't be prosecuted for it in Ontario, where it's been found null ab initio.
Jurisdictional issues. Remember them.
- You can only break a law which exists.
- Unconstitutional laws do not exist.
- Dmitry may believe the DMCA is unconstitutional.
... So please don't say another word about how ``he's clearly guilty of violating the DMCA''. He's not. He's only guilty of violating the DMCA if the DMCA is Constitutional. That's a matter for the court to decide.
If there's no law against eating peanut butter and jelly sandwiches on Thursdays, then you can't be guilty of committing the crime of eating peanut butter and jelly sandwiches on Thursdays, can you?
This is a cute little piece of judicial fiction, but it makes sense once you think about it. If unconstitutional laws were just simply voided, then that would be an acknowledgment that at one point they possessed legitimacy. Unconstitutional laws never possess legitimacy in the eyes of the court; as soon as the court formally finds that a law is unconstitutional, that law is nullified ab initio, from the very beginning. The law was, in essence, never passed in the first place. It couldn't be passed--because Congress only has the authority to pass laws which are in accordance with the Constitution.
God knows I do. Since unconstitutional laws don't exist--see the above point--Dmitry cannot be guilty of breaking an unconstitutional law--see the first point.
Did he violate the DMCA? Certainly. Congress is free to say anything they like, including free to say people shouldn't eat peanut butter and jelly sandwiches on Thursdays.
Is he guilty of violating the DMCA? That's a far different question. Am I guilty if I eat a peanut butter and jelly sandwich on a Thursday? Only if there's a law which forbids it--and since there's no law, I'm not guilty of a damn thing.
Are you high?!
That was, honestly, my first gut response to your message. You're operating under a critical, severe misunderstanding of how American jurisprudence works.
- The Constitution is the supreme law of the land.
- No unconstitutional laws exist.
- The judge must uphold the law.
... If the DMCA violates any of Dmitry's rights under the Constitution--and note that he has a hell of a lot of rights, even though he's a foreigner--then that's it; game over; prosecution loses.
No ifs, ands or buts here. The Constitution is this nation's highest law; so high, in fact, that it automatically trumps any other law which comes into conflict with it.
This is actually a little judicial fiction that lawyers tell themselves, because unconstitutional laws are passed on a regular basis. However, the instant that a judge finds a law to be in conflict with the Constitution--i.e., there's a formal finding by a court that a law is inconsistent with the nation's highest law--then the law in question is not merely voided. If it were voided, that would mean at one point it was enforceable. Laws which are held to be unconstitutional are retroactively erased; they are invalid ab initio, from the very beginning. Is the law unconstitutional? If so, then that law doesn't exist and, more to the point, never existed in the eyes of the court.
A judge is responsible for seeing to it that the laws are properly applied--including the Constitution, the nation's highest law. A judge who will not judge laws for Constitutional correctness is a judge who is utterly incompetent for the bench, and who needs to be impeached.
No, I can't support this interpretation because it's unconstitutional. Once the government gets into the business of banning weapons, they can just as easily get into the business of banning religions. There's not much difference between ``those damn handguns! We have to get rid of them!'' and ``those damn Jews! We have to get rid of them!''
If you want to support a Constitutional amendment which would change the wording of the Second Amendment, more power to you. I have no objection at all to people who wish to amend the Constitution to achieve their gun-control objectives. The amendment approach has intellectual integrity; it doesn't try and spin and contort words until the entire Constitution is left inconsistent as an e2fs partition after a five-year old has been playing with the power switch.
But that begs the question of why the preparatory clause was included in the first place, if not to modify the operative clause. None of the other original amendments have similar wording.
:)
:)
To give context. Or, alternately, for linguistic elegance. The Preamble to the Constitution gives context to the Constitution, even though it's not operative language. For instance, even though the operative language clearly says "the right of the people to keep and bear arms shall not be infringed", the preparatory language explains the intent of the Amendment is to provide for a well-regulated militia--or, to use modern language, an "assembly of armed citizens equipped appropriately for military operations".
I was simply pointing out that it can be interpreted in other ways.
Oh, I know it can be interpreted in other ways. I just don't think the collectivist interpretation holds any water at all, and I loudly point out the problems with the collectivist interpretation whenever anyone brings it up.
[T]hey have no objection to moderate, regulated gun use.
But they won't stand up for gun users, either. That's why I'm not a member of the ACLU. Instead of standing up for a civil right, they quietly duck behind a sophistic argument wherein the Second Amendment isn't a civil right at all (i.e., not a right possessed by individuals), and thus they don't need to worry about it.
That's why, when I'm feeling particularly snippy, I call them the American Civil Liberties We Like Union.
Sure, Congress can ban guns and say ``everyone is permitted to carry a club''.
Just like they can ban worship services on Saturdays and tell the Jews and Muslims and Seventh-Day Adventists, ``oh, get over it, everyone's permitted to worship on Sundays''.
The two are equivalent. The two are equally illegal.
I don't see how that equates to carrying a concealed weapon
Simple. Congress has no authority to outlaw it. At the time the Constitution was drafted, the Bill of Rights applied only to the Federal government, meaning it was still lawful for a State government to have an established church (Massachusetts did, for instance), or to forbid their citizens the ownership of weapons. But once the 14th Amendment was passed, and people enjoyed all the protections at the State level that they enjoyed at the Federal level, most state gun control laws also became invalidated.
Note that this doesn't really seem to prevent the states from passing more laws, but hey.
The problem is the inconsistency still exists. The first clause, regarding the well-regulated militia, is preparatory language; the second clause, ``the right of the people'', is the operative language.
The preparatory gives context to the operative, but the edict the government must adhere to is the operative clause--not the preparatory. To elevate the preparatory to the level of operative would invalidate most Federal law existing today--after all, the preparatory language to the Constitution is full of high philosophical ideals which modern Federal law mostly fails to uphold, and as such, if the preparatory language is considered to be operative language, we wind up with another inconsistency problem.
The other problem is that the Constitution already authorizes Congress to field an army for national defense. If the collectivist interpretation was the correct one, then the Second Amendment would ambiguate the Constitution--because Congress may field an army (but is not required), but the entire Bill of Rights is viewed as affirmative law, establishing what the Government must do--i.e., it must not infringe upon the right to free exercise of religion, etc.
And if the Second Amendment is a collectivist right which can only lawfully be implemented by a Legislature, then why was it not amended into the Constitution in the same Article which enumerates the powers of the legislature?
Essentially, the collectivist interpretation (a) ambiguates the usage of ``the people'' throughout the Bill of Rights; (b) it ambiguates the Constitution, changing a MAY permissive into a MUST imperative (to use RFC terms); (c) it ambiguates the very structure of the Constitution by ambiguating the places in which the various powers of the government are delineated.
In essence, the collectivist interpretation makes sense only if you suspend your disbelief.
I know, I know--it's not exactly politically correct in this day and age to say, ``No. That idea's not worth the paper it's printed on. It has no concrete basis in reason or fact.'' I never quite adopted the twentieth- and twenty-first century reluctance to apply judgment to ideas, though--if someone can present a logically consistent framework for their ideas, then I'll grant their idea has validity even if I vehemently disagree.
But if the logical framework is insufficient to support the weight of the proposition, then I have to say, clearly, ``no''.
--I am, by the way, not an NRA member, nor am I fond of their political aims or methods. It is certainly within the rights of the states to pass laws to establish good order in the militia--but most gun control laws nowadays don't even bother with making an attempt at finding Constitutional grounds. They just get passed anyway.
... their explanation is a load of hooey, as any first-year law student can point out. The problem rests in the usage of the word ``the people''. According to the ACLU, ``the people'' in the Second Amendment refers to a collective right held by the State, not an individual right held by the people.
If we are to believe this, then every other instance of ``the people'' in the Bill of Rights needs to be interpreted identically. Otherwise, we wind up in a state of Constitutional inconsistency. While it is not impossible from a legal perspective to have the same phrase mean two completely different things, it is certainly deeply frowned upon.
This is the strongest argument in favor of the Second Amendment being an individual right, not collectivist--because any other interpretation would strip us of all our individually-held rights under the Constitution.
Alan Dershowitz (a well-known and respected attorney) is fervently opposed to firearms, but even he acknowledges the importance of viewing the Second Amendment as protecting an individual right--as Dershowitz says, ``any argument that can be used to take away someone's Second Amendment rights will sooner or later be used to take away their First Amendment rights.''
The ACLU is walking down a very slippery slope here. They know it's a slippery slope, and they don't care. It would be too hard, and too politically unpopular, to defend the Second Amendment. So they don't.
Personally, I think there's a spot in hell close to the fire saved especially for those people who lack the courage to defend the things they do not like in order to stand up for the things they do.
... anything ending in .gov.
It still doesn't support the export keyword.
This is no big slight on GCC, because to the best of my knowledge, no other compiler implements export either. Still, it's wrong to claim GCC is ISO C++ compliant. It's not.
You are wrong, DES has been broken repeatedly
DES has been cracked by brute force. Never cracked via cryptanalytic means.
I suggest you start paying attention to detail.
Bruce is the Issac Azimov [sic] of cryptography, not its Einstein or Newton.
Asimov had a PhD in biochemistry and taught at Harvard. In addition, he's one of a (very) few authors who ever published in every single categorization of the Dewey Decimal System. Asimov was one of the world's true Renaissance men, the last of a dying breed.
I would suggest you examine Asimov's curriculum vitae if you really wish to claim that Asimov was not among the top rank of scientists.
3DES is in such a way that the complexity of breaking 3DES is only twice that of breaking DES, despite having three times the key length. That is what makes it a bad cipher, the fastest known attack is well short of brute forcing the keyspace.
As I said, have your doctor up your antipsychotic medication. 3DES is not a bad cipher. It has its share of warts and foibles, but those warts and foibles are extremely well-known and no-one, absolutely no-one in the published world of cryptanalysis has ever come up with even a marginally feasible attack against it.
Regarding it needing 196 bits of key (3 64-bit keys) to get 112 bits of entropy, who cares? Really? Use a cryptographically secure PRNG and you can generate 196 bits trivially. If you've got a really sensitive secret, then invest in a true RNG and generate 196 bits that way. It's not a limitation in any sense of the word.
Regarding it being slow, fine, I'll grant you that. It's slow. That means it's unsuitable for certain applications which operate in extremely narrow time constraints. But for the rest of them, 3DES is a champ.
it is merely an extension of a previously broken cipher
DES has never been broken.
Its keyspace has been exhausted by brute force. That doesn't mean DES has weaknesses which have been exploited via cryptanalysis. That's what the word ``break'' means in the cryptanalytic field.
None gives perfect non-repudiation
Thank you for conceding the point.
He has mellowed considerably since the FBI got off his case
Well, gee. If I was facing a Federal investigation and multiple felony counts, I'd be prickly, too. But, as you say, he has ``mellowed considerably''. Which means he is no longer ``combustible''. Thank you for conceding this point.
However rather than leverage that deployed base you and the rest of the OpenPGP community spend your time explaining to people why they shouldn't use it.
Please find me a single post I've made, either on USENET or on Slashdot, where I've come down opposed to any reasonable email encryption standard.
As I said before, if you're going to slander a man, you should at least check the facts first.
Wether [sic] or not the law is constitutional is decided in the appellate courts.
No. Any Federal District Court in the land can declare any law to be unconstitutional. It's not exclusively a matter of Circuit or Supreme jurisdiction.
(District Court = local, regional Federal Courts. Circuit Court = appellate court. Supreme = Supreme Court of the United States.)
however he is not regarded in the field as being of the very front rank
On the contrary. I'm in the field, and I regard him as part of the very front rank. I wouldn't say he's another Coppersmith, but he is undoubtedly top-drawer. I'd rank him above Rabin, in fact--unlike Rabin, Schneier knows his limits. (See Rabin's brain-damaged "unbreakable encryption scheme" if you want to see what I mean.)
The only reason to use 3DES is if you are forced to
... Or if you absolutely must have the most well-regarded, most-trusted cipher in history. Remember that the best attack against DES has complexity 2**37, and that's with 2**47 chosen plaintexts. This is a lot... one thousand terabytes of chosen plaintext.
That's a minimum of a complexity 2**74 attack against 3DES, requiring 2**97 bytes of chosen plaintext. If you want to call that a practical attack, you can... but I'm not that bold.
But 3DES is not a good cipher
Please tell your doctor that your antipsychotic dosage needs to be upped. You're hallucinating madly again.
it is slow and is subject to a meet in the middle attack
Slow, yes. Susceptible to a meet-in-the-middle, no. Schneier, 12.3: "[If DES were a group], DES would be vulnerable to a meet-in-the-middle known-plaintext attack that runs in only 2**28 steps".
DES is, however, not a group.
One problem with PGP is that it only really works well for confidentiality. It does not handle non-repudiation too well.
Please point me in the direction of an implementable protocol which does provide perfect repudiability.
The non-technical problem with PGP is the somewhat combustible nature of Phil Zimmerman. He is somewhat high maintenance.
I know Phil. He's one of the lowest-maintenance people I've ever met. Friendly as all get out, and patient with newbies. Would you care to enlighten me as to his ``combustible'' nature?
except Phil's NIH policy
Strange. Bass-o-Matic was IH, and Phil ditched it like a hot potato for IDEA (NIH) when it turned out Bass-o-Matic was trivially weak.
If you're going to slander a man, you could at least be bothered to make sure your accusations are accurate.
Your assumption is correct only if the plain text is greater in length than the repetition frequency of the "pseudo" random sequence.
You're wrong, too. Let's say that the last 140Mb of the PRNG output is the same as the first 140Mb, since after 512Mb it went periodic. Now let's say you've got the Gettysburg Address stored at location 0 on the CD-ROM.
Well, gee, great. You can't read what's at position 0, because you don't have the corresponding part of the pseudo-OTP... wait, yes you do, because 513Mb-rest-of-disk is exactly the same as the pseudorandom output used to encrypt the plaintext in the first place.
XOR it with itself and you recover the Gettysburg Address.
Thus, even if the plaintext is vastly smaller than the repetition rate, you're still in jeopardy.
Moral of the story: don't use a scheme this naive.
The trick is conveying this sequence to the intended receiver in a secure fashion.
The trick is creating the random numbers in the first place. There are some PRNGs which have outputs suitable for Monte Carlo simulations; others which are suitable for quick randomish values; others which are good for this, that and the other. Cryptographically secure PRNGs are extremely difficult to come by, and unless someone has done formal cryptanalysis on a PRNG, I won't use that PRNG.
The premise of a one-time pad (OTP) being unbreakable is sound provided the key is used once and only once and then positively destroyed.
The pads don't have to be destroyed; they just have to never, ever fall into the hands of the enemy. Destruction is not a necessary condition. A necessary condition that you did not mention is that the key material must be absolutely, totally entropic. Not pseudorandom, not random-seeming... absolutely, totally entropic.
This is no different from running a cipher in OFB8 mode. Which also happens to generate a long stream of pseudorandom values. Which also happens to be susceptible to cryptanalysis.
The reason why? Collisions. If the numbers were totally random, you'd expect any given group to repeat itself after a random interval. You don't see that with the output of pseudorandom number generators, or ciphers running in OFB8.
That tells a cryptanalyst that you're not using random numbers, which means the data wasn't encrypted with a one-time pad.
And that, my friend, means it's 100% breakable encryption.
Using a good pseudorandom number generator like YARROW-160 will provide you with 160 bits of entropy. Using a bad pseudorandom number generator, like, say, a cipher in OFB8 mode, is tempting but wrong.
The reason why is that people naively believe that "well, if I seed my Blowfish key with 448 bits of entropy--its maximum--then my output will have 448 bits of entropy." Which is true, as far as it goes... but it goes periodic after only 2^32 bits. Or about 512 Mb.
That means if you fill a CD-ROM with the random-seeming output of Blowfish in OFB8 mode, you'll wind up repeating your output for the last 140Mb or so. And at that point, it's trivial cryptanalysis to recover the original plaintext.
Short version: if you want to use a one-time pad, you ABSOLUTELY MUST USE REAL RANDOM VALUES, NOT GENERATED PSEUDORANDOM VALUES. If you don't do this, then it's not a one-time pad and it doesn't enjoy the unbreakable nature of a one-time pad.
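The periodic-pad failure discussed in the comments above, as an added example that is not part of the original posts: a pad filled from a generator that repeats reuses keystream, so one known plaintext exposes whatever was encrypted one period later, and a repetition check catches the bad pad before use. The 16-bit LCG, the function names and both messages are constructed assumptions; the generator stands in for any periodic keystream and is neither Blowfish nor OFB mode.

```python
import os

# Constructed toy generator (assumption): a full-period 16-bit LCG whose high
# byte is the keystream. It models "a generator that goes periodic", nothing more.
LCG_A, LCG_C, LCG_M = 25173, 13849, 1 << 16
PAD_LEN = LCG_M + 4096          # pad slightly longer than the generator's period

# Constructed sample messages.
KNOWN = b"Four score and seven years ago our fathers brought forth on this continent"
SECRET = b"constructed second message stored one period later"


def toy_keystream(seed, n):
    """Return n keystream bytes from the toy LCG."""
    x = seed % LCG_M
    out = bytearray()
    for _ in range(n):
        x = (LCG_A * x + LCG_C) % LCG_M
        out.append(x >> 8)
    return bytes(out)


def xor_bytes(a, b):
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(p ^ q for p, q in zip(a, b))


def find_period(stream, window=32):
    """Smallest shift P > 0 at which the stream repeats itself to the end.

    Returns None when no such shift exists. None does not prove the pad is
    random; a hit proves it is unusable as a one-time pad.
    """
    probe = stream[:window]
    pos = stream.find(probe, 1)
    while pos != -1:
        if stream[pos:] == stream[:len(stream) - pos]:
            return pos
        pos = stream.find(probe, pos + 1)
    return None


def encrypt_at(pad, offset, msg):
    """XOR msg with the pad bytes starting at offset."""
    if offset + len(msg) > len(pad):
        raise ValueError("message runs past the end of the pad")
    return xor_bytes(msg, pad[offset:offset + len(msg)])


def recover_with_known_plaintext(ct_known, known_plain, ct_target):
    """Same keystream under both ciphertexts, so it cancels:
    ct_known ^ ct_target == known_plain ^ target_plain."""
    return xor_bytes(xor_bytes(ct_known, ct_target), known_plain)


def demo():
    pad = toy_keystream(seed=0x1234, n=PAD_LEN)
    period = find_period(pad)                      # repetition check on the pad
    ct_known = encrypt_at(pad, 0, KNOWN)           # first message, start of pad
    ct_secret = encrypt_at(pad, period, SECRET)    # second message, repeated region
    recovered = recover_with_known_plaintext(ct_known, KNOWN, ct_secret)
    # The same check on operating-system randomness finds no repetition.
    random_pad_period = find_period(os.urandom(PAD_LEN))
    return period, recovered, random_pad_period


if __name__ == "__main__":
    period, recovered, random_pad_period = demo()
    print("pad repeats after", period, "bytes")
    print("recovered without the pad:", recovered.decode())
    print("period found in os.urandom pad:", random_pad_period)
```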
... except for Blowfish libraries written by half-assed, lazy programmers who can't be bothered to run their code past the Blowfish test vectors. Which are, for the record, conveniently available off Counterpane Labs' homepage.
While 95% of Applied Cryptography is still dead on the money--it's still the first book I recommend to people who want to make a serious study--some of its recommendations now look painfully naive. For instance, Schneier recommends IDEA almost without reservation in Applied Cryptography; but today we know that better-than-brute-force attacks exist for 4.5 round IDEA (a miss-in-the-middle attack, if I recall correctly).
While these attacks don't extend to the full IDEA algorithm, cryptanalytic attacks only get better with time--never worse.
Short version: Schneier recommends against IDEA today. Last I heard, he was wholeheartedly endorsing RIJNDAEL, Twofish and TripleDES.
Rabin, on the other hand, is based on two totally unproven conjectures:
... Yes, Rabin has some problems--the ciphertext tends to be much larger than with RSA--but on the whole, it's on a much stronger mathematical foundation. There have been some interesting hints, throughout the years, that the third of RSA's assumptions is not valid--nothing to make any but the most out-there mathematicians drool, but hints nonetheless.
By dodging the third issue, Rabin manages to be (theoretically) safer than RSA for a given modulus size. The word `theoretical' is extremely important, though; putting algorithms into practice is a far different thing than analyzing them in theory!
For this reason, although I prefer Rabin in theory, in practice I really don't care much which algorithm you use--RSA, El Gamal or Rabin are all just fine.
For symmetric algorithms, there is one and only one option for the hardcore and paranoid cryptogeek. That option is TripleDES--either two or three subkeys doesn't matter all that much, but three is definitely preferred. No other symmetric algorithm in history has been cryptanalyzed as heavily as DES. No other symmetric algorithm in history has established as much trust as DES. While at 56 bits of key DES is too weak for anything serious, TripleDES (at somewhere between 112 and 168 bits of key, depending on who you believe) is solid as a rock.
Of course, it's slower than hell and rekeying takes forever. But hey. If you want only the best, most secure, most-trusted, nothing else even comes close.
The number is actually far less than one percent. For well over ninety-nine percent of all cases, the Federal Appellate Courts are as far as it goes.
While I generally agree with your assessment, let's put it in a little more focus here.
The detective responsible for the case, Mark Fuhrman, committed perjury on the witness stand and was exposed to the jury as being an unrepentant racist. That, in turn, meant that virtually all the evidence in the criminal trial was suspect. After all, most of the evidence went through Fuhrman's hands at some point. And if Fuhrman would lie on the witness stand, then it's also very possible that he would doctor evidence to ensure a conviction.
Fuhrman's perjury is what sunk the OJ trial. OJ was acquitted, as was correct. If the police cannot be trusted--and the LAPD clearly cannot, given Fuhrman and Rampart and Rodney King and every other scandal that's come along--then reasonable doubt will always exist as to whether or not someone arrested by the police is really guilty.