Elliptic encryption is not broken. FEE is still secure, as are all the other well-implemented versions of the encryption out there (unless the NSA has some big news they're not telling us...). Geez.
What happened is they brute-forced a 109-bit key. That's a small key. The minimum used in this company's product is 163 bits. While I wouldn't call this "impossible," it certainly is computationally secure for several years, and that's the minimum size.
When distributed.net cracked the 64-bit RC4 key, you didn't hear anyone saying "Oh no! OFB stream ciphers are broken!" That's about what this article amounts to: they brute-forced a small key, and/. claims the algorithm is broken.
This argument is very, very old and very, very dumb. It just depends on what you're doing. These stats were approximately true last time I looked, pipeline changes may have changed this.
If you're doing 3d gaming, who cares, it's your GPU doing the work anyway.
For 2d graphics, the Mac is about twice as fast per clock cycle. So, equivalent to a 2GHz Pentium for, say, Photoshop.
For cracking codes, the vector processing unit in the Mac really shines, it's over 6 times as fast per clock (see distributed.net) as a P4 for brute-forcing RC4. So, equivalent to about a 6.4 GHz, more than he claimed. The G4 almost 3 times faster than an Athlon (the second best) per clock cycle.
For most stuff, the G4 is slightly faster than Pentium, per clock cycle. Some 20% faster for POV-Ray, about 30% faster for SETI (based on stats between me and my roommate) etc. So for most stuff, it's not worth the 4GHz Pentium.
Yes, I think it is pretty well established that math is NP-complete.:-)
Re:GEEEZ /. users are morons!
on
Water Computing
·
· Score: 1
I have M2 and my karma has been maxed for a long time (note my use of +1 on that post), so it's pretty safe to assume that I'm not a karma whore. I just get really pissed off when Slashdot users can't decide how many electrons there are in water, and the argument thread runs 4-deep.
"ripple" carry, so to speak. What did you expect, carry-look-ahead?
GEEEZ /. users are morons!
on
Water Computing
·
· Score: 5, Informative
How can people argue about this for so long!?!? If you really know nothing about chemistry, don't post about it.
Oxygen is element 8. It has 8 electrons. 6 of them are valence elecrons (in the 2s and 2p orbitals) and 2 of them are "core" electrons in the 1s orbital. Only the valence electrons get drawn in those dot diagrams, that's why you can only see six on some sites.
Hydrogen is element 1. It has 1 electron. This electron is in the 1s orbital.
Water is H2O, where the 2 is subscript. It has 2 hydrogens and one oxygen, with polar-covalent bonds between them, so there are 2*1+1*8=10 electrons. Two of them are in oxygen's 1s orbital, four of them are in two of oxygen's four sp3 hybrid orbitals, and four of them are shared between hydrogen's 1s orbital and the other two of oxygen's sp3 hybrids (one orbital and two electrons for each hydrogen).
Don't even get me started on sp3* anti-bonding pairs.
Sorry for being inconsistent as to whether numbers should be spelled out.
Re:How will we do without blogs?
on
Blogger Hacked
·
· Score: 2, Funny
They clutter the internet with useless information..... So yeah, I need to be shot.
We'll it isn't completely useless information. At the very least, we know who to shoot.
The point isn't to hide the data you're encrypting in, it's to be able to recover the original image.
Right. But what I haven't figured out is, why are you putting more data in the image in the first place? It seems this would make a really bad steg scheme, and reversibility is about useless in steg anyway. If you're trying to store data with the image, put it in the comments field. If you're trying to exploit the redundancies in the image to put in more data, just compress the image to remove the redundancies, then store the data side-by-side or in the comments field.
[naive stego loses data] This is bad, if for instance, the encrypted information is a time/date/id stamp and the image is a crime scene photo...
Yup. Which is why you write down the information instead of putting it in the photo. And if you put it in the photo, you put it in the comments field. And if you're worried about that being faked, you sign it with [P]GP[G]. Encrypting it in the image and then removing it later seems, well, silly at the very least: the whole point of watermarks is that they're irreversible (and hard to get rid of). Although I'm not so sure anymore that steg is the point, I have decided that, while cool, this technology has basically no practical application. So it's sort of dumb to keep arguing over what exactly the application of this is.
So based on that, can you think of what you would possibly use this for?
Nope. If it really is supposed to be steg, 100 to 1 it sucks. You just don't go into a field where almost every new algo gets broken in months, and make a new secure algo with additional features. Especially since losslessness is basically useless in steg.
You have to either add new bits, or make some assumptions about the original image. Remember, most reasonably normal images can be compressed losslessly, if not by very much, so you should be able to add a few extra bits losslessly under similar assumptions.
The algo must either add to the length, or else assume that the picture has reasonable properties such as corellation of LSB, etc. They aren't claiming infinite compression, just a new steg/watermarking thing. Big whoop.
How is this any different from Camouflage, which is used by some "Warez" sites to hide files within images?
Camouflage basically just changes the file type to trick websites that only host images. Some other tweaks are necessary to make it look like a valid image, but basically the image looks like random garbage. This thing signs real images to either hide additional data or prove they have not been altered (or so it is claimed). Not a big deal, better methods exist.
Or b.) fool the camera into thinking that it is taking a picture, when you have actually bypassed the CCD and are feeding it information from your home computer. b.) is probably a lot easier.
Right. Except what the sig basically says was "this picture was taken with camera ID [blah]." It only means something if you know camera ID blah is the one that took the picture originally, trust its owner not to change things or leave his camera around, trust Canon not to escrow the keys, etc etc etc.
Well, I'm actually not so sure. It appears to be steg, should be usable as steg, and is pretty much useless as anything but steg, but it is also pretty much useless as steg, too. Reversibility is not an issue with steg: if whomever you're hiding from can see the data in transit, you a) shouldn't xor the message out because they just compare it with the sent message, and b) shouldn't have used an image that exists elsewhere for you to prove it's identical to. If you don't think they will do something like this, why the heck are you stegging at all? Rather, detectability seems to be the hard thing, and not going too well now (a paper broke some of the last remaining good steg algos in Sept this year).
Note that the article talks about authentication and watermarking. And the paper was presented under the "Watermarking" section in the IEEE conference. Too bad we can't ge the actual text, although from the detail-light article, it looks pretty much useless anyway.
If you can "watermark" (not sure if that is technically the right term for what these folks are proposing) something in such a way that it is undetectable to the viewer... Of course you can't. If it isn't visible, you can make an image with no watermark at all that looks the same, ie remove it. And this is reversible. So you can remove it by definition.
Quoth the parent: They are refering to water marks. This is not about "encryption" or even "stenography". The problem is proving a document is original. Actually, it looks like steg to me. Because to prove a document is unaltered without altering it, you just sign it with your private key. This can't be any better: someone could remove the watermark (it's reversible), alter the message, and "authenticate" that, unless there is a digital signature embedded in the image, in which case why not just attach it to the file? Although it would appear that the original paper is not online, so we can't be sure.
... just reversably, so you can get the original back later. And it isn't watermarking! They use only the LSB, so it won't survive recompression, printing, whatever. You can't encode anything without the image without distorting it, except by permuting the color tables. But that is easily detected and can't store much data anyway.
Although I don't really see the point. It's not really worth much as steg as far as I can see, and if the data you change are redundant anyway, you might as well compress them out unless you want to do steg. Silly.
Slashdot Mirror
Elliptic encryption is not broken. FEE is still secure, as are all the other well-implemented versions of the encryption out there (unless the NSA has some big news they're not telling us...). Geez.
/. claims the algorithm is broken.
What happened is they brute-forced a 109-bit key. That's a small key. The minimum used in this company's product is 163 bits. While I wouldn't call this "impossible," it certainly is computationally secure for several years, and that's the minimum size.
When distributed.net cracked the 64-bit RC4 key, you didn't hear anyone saying "Oh no! OFB stream ciphers are broken!" That's about what this article amounts to: they brute-forced a small key, and
This argument is very, very old and very, very dumb. It just depends on what you're doing. These stats were approximately true last time I looked, pipeline changes may have changed this.
If you're doing 3d gaming, who cares, it's your GPU doing the work anyway.
For 2d graphics, the Mac is about twice as fast per clock cycle. So, equivalent to a 2GHz Pentium for, say, Photoshop.
For cracking codes, the vector processing unit in the Mac really shines, it's over 6 times as fast per clock (see distributed.net) as a P4 for brute-forcing RC4. So, equivalent to about a 6.4 GHz, more than he claimed. The G4 almost 3 times faster than an Athlon (the second best) per clock cycle.
For most stuff, the G4 is slightly faster than Pentium, per clock cycle. Some 20% faster for POV-Ray, about 30% faster for SETI (based on stats between me and my roommate) etc. So for most stuff, it's not worth the 4GHz Pentium.
How does this become a Federal crime?
Duh. You're transporting your ill-gotten packets across state lines.
You are definitely thinking of coffee.
"A mathematician is a machine that turns coffee into theorems." --Paul Erdos
(of course, he also said "Computer scientists turn coffee into urine.")
In other news, all your base are still belong to us.
Right, you have to make a program that is "x:=my source; Q(x)". This is possible, usually you do it by including a copy of GCC :-)
Is this a bug in the slashcode or what? I thought you could only get 5 modpoints at a time... and my "points" don't show up on regular /.
Insight anyone? Will i get $rtbl for going on a modding spree?
There was a math olympiad problem about that a while back. I think it was something like, prove you can't win with only left-handed S blocks.
...math is hard too. :(
:-)
Yes, I think it is pretty well established that math is NP-complete.
I have M2 and my karma has been maxed for a long time (note my use of +1 on that post), so it's pretty safe to assume that I'm not a karma whore. I just get really pissed off when Slashdot users can't decide how many electrons there are in water, and the argument thread runs 4-deep.
I wish you could mod things (-1, wrong).
"ripple" carry, so to speak. What did you expect, carry-look-ahead?
How can people argue about this for so long!?!? If you really know nothing about chemistry, don't post about it.
Oxygen is element 8. It has 8 electrons. 6 of them are valence elecrons (in the 2s and 2p orbitals) and 2 of them are "core" electrons in the 1s orbital. Only the valence electrons get drawn in those dot diagrams, that's why you can only see six on some sites.
Hydrogen is element 1. It has 1 electron. This electron is in the 1s orbital.
Water is H2O, where the 2 is subscript. It has 2 hydrogens and one oxygen, with polar-covalent bonds between them, so there are 2*1+1*8=10 electrons. Two of them are in oxygen's 1s orbital, four of them are in two of oxygen's four sp3 hybrid orbitals, and four of them are shared between hydrogen's 1s orbital and the other two of oxygen's sp3 hybrids (one orbital and two electrons for each hydrogen).
Don't even get me started on sp3* anti-bonding pairs.
Sorry for being inconsistent as to whether numbers should be spelled out.
They clutter the internet with useless information..... So yeah, I need to be shot.
We'll it isn't completely useless information. At the very least, we know who to shoot.
That's ridiculously overpriced! I can break my computer and set it on fire for only $50 with... err...
The point isn't to hide the data you're encrypting in, it's to be able to recover the original image.
Right. But what I haven't figured out is, why are you putting more data in the image in the first place? It seems this would make a really bad steg scheme, and reversibility is about useless in steg anyway. If you're trying to store data with the image, put it in the comments field. If you're trying to exploit the redundancies in the image to put in more data, just compress the image to remove the redundancies, then store the data side-by-side or in the comments field.
[naive stego loses data] This is bad, if for instance, the encrypted information is a time/date/id stamp and the image is a crime scene photo...
Yup. Which is why you write down the information instead of putting it in the photo. And if you put it in the photo, you put it in the comments field. And if you're worried about that being faked, you sign it with [P]GP[G]. Encrypting it in the image and then removing it later seems, well, silly at the very least: the whole point of watermarks is that they're irreversible (and hard to get rid of). Although I'm not so sure anymore that steg is the point, I have decided that, while cool, this technology has basically no practical application. So it's sort of dumb to keep arguing over what exactly the application of this is.
So based on that, can you think of what you would possibly use this for?
Nope. If it really is supposed to be steg, 100 to 1 it sucks. You just don't go into a field where almost every new algo gets broken in months, and make a new secure algo with additional features. Especially since losslessness is basically useless in steg.
You have to either add new bits, or make some assumptions about the original image. Remember, most reasonably normal images can be compressed losslessly, if not by very much, so you should be able to add a few extra bits losslessly under similar assumptions.
The algo must either add to the length, or else assume that the picture has reasonable properties such as corellation of LSB, etc. They aren't claiming infinite compression, just a new steg/watermarking thing. Big whoop.
How is this any different from Camouflage, which is used by some "Warez" sites to hide files within images?
Camouflage basically just changes the file type to trick websites that only host images. Some other tweaks are necessary to make it look like a valid image, but basically the image looks like random garbage. This thing signs real images to either hide additional data or prove they have not been altered (or so it is claimed). Not a big deal, better methods exist.
Or b.) fool the camera into thinking that it is taking a picture, when you have actually bypassed the CCD and are feeding it information from your home computer. b.) is probably a lot easier.
Right. Except what the sig basically says was "this picture was taken with camera ID [blah]." It only means something if you know camera ID blah is the one that took the picture originally, trust its owner not to change things or leave his camera around, trust Canon not to escrow the keys, etc etc etc.
Well, I'm actually not so sure. It appears to be steg, should be usable as steg, and is pretty much useless as anything but steg, but it is also pretty much useless as steg, too. Reversibility is not an issue with steg: if whomever you're hiding from can see the data in transit, you a) shouldn't xor the message out because they just compare it with the sent message, and b) shouldn't have used an image that exists elsewhere for you to prove it's identical to. If you don't think they will do something like this, why the heck are you stegging at all? Rather, detectability seems to be the hard thing, and not going too well now (a paper broke some of the last remaining good steg algos in Sept this year).
Note that the article talks about authentication and watermarking. And the paper was presented under the "Watermarking" section in the IEEE conference. Too bad we can't ge the actual text, although from the detail-light article, it looks pretty much useless anyway.
Ho hum.
If you can "watermark" (not sure if that is technically the right term for what these folks are proposing) something in such a way that it is undetectable to the viewer... Of course you can't. If it isn't visible, you can make an image with no watermark at all that looks the same, ie remove it. And this is reversible. So you can remove it by definition.
Quoth the parent: They are refering to water marks. This is not about "encryption" or even "stenography". The problem is proving a document is original. Actually, it looks like steg to me. Because to prove a document is unaltered without altering it, you just sign it with your private key. This can't be any better: someone could remove the watermark (it's reversible), alter the message, and "authenticate" that, unless there is a digital signature embedded in the image, in which case why not just attach it to the file? Although it would appear that the original paper is not online, so we can't be sure.
... just reversably, so you can get the original back later. And it isn't watermarking! They use only the LSB, so it won't survive recompression, printing, whatever. You can't encode anything without the image without distorting it, except by permuting the color tables. But that is easily detected and can't store much data anyway.
Although I don't really see the point. It's not really worth much as steg as far as I can see, and if the data you change are redundant anyway, you might as well compress them out unless you want to do steg. Silly.