Distributed.net may be partially responsible for relaxing the laws on exporting encryption. Perhaps it'll take a billion years to break 8192bit encryption with todays technology, but give it 5 years, and newer computers will be able to break it in minutes.
One can use the same reasoning to conclude that in 5 years those same computer that will be much more powerful will enable us to create even larger/more complex keys (that will presumably take another five years to break).
It almost seems as though any sufficiently large key can at least be made to be temporarily safe, so this would mean that one should key a new key every couple of years, but old information will be vulnerable if it is still important (bank accnt number).
I don't know where the so-called 'quantum' computing fits into all of this.
Hee hee, good one. While we're on the subject, I wonder what coder Hell will be for all the bad little programmers out there. Well, first, we have to have a devil. He would sit on a grand throne of flesh of bones of all the people he's fscked and inscribed on it would probably be his initials -- lets just pick two random letters -- BG, for instance. He would be surrounded by lawyers and congressmen and every programmer in Hell would have the most menial, mindnumbingly boring tasks to perform. They would be made to develop 3D games in Java, or use assembler to write a FFT routine, or do *anything* in Visual Basic. Yep, and it would all have to be done on Win95 (without any patches, ie Win98 SE). Now, THAT'S programmer Hell my fiends. So stop masturbating to computer porn and belittling the moronic suits everytime they click on an executable attachment in Outlook.
Call it ".HELL"
Just kidding, I serve only you dark master...
lol, I could see it now. An entire mini-earth complete with these little lincoln navigators (which happen to be the size of regular cars here) driven by mini-earthlings yapping on cell phones cutting each other off, flipping the bird, with these little american flags hanging off each fender to show their solodarity.
let us nuke it before we spread...;-]
Is there any reason to re-use any part of a one-time pad? Sure. Is there any reason not to? No.
No! You originally made it sound as if hopping all around the OTP possible re-using portions of it to encrypt more than one message. This is the whole purpose of *my* original response. You are defeating the purpose after going through the trouble to generate a OTP for a particular message. Any portion of a pad should never be used to encrypt another piece of plaintext.
The convoluted 'bitmask/offset' adds nothing to the security or usefullness of using a OTP!
"Encrypt using the large random number, the [random] offset and the mask.
"Random" means random. It does not mean "sorta random', "damn near random", or "pseudo-random". Maybe we count nuclear disintegrations or gamma rays or...
Well we could count the number of "FP"'s when a slashdot story is posted or how many times someone on/. mentions a beowulf cluster:P
Whatever the source, a truly random very large number has the identical resistance to algorithmic attack whether used on a USB keyfob or printed onto a series of sheets of a one-time pad.
Missing the point. A random number generation algorithm, by definition, gives a pseudo-random distribution of a random sequence: they all need a seed. Given that seed one can reproduce the "random" numbers again. However, you can choose a sufficiently convoluted method for getting a seed (as many implementations in RSA, ssl, etc) as many applications already do.
So the real question is: if you used such a random sequence to construct a OTP for *a* message, then you still have a problem: how do we get the symmetric key to another party?
So even if you had a random number generator based on the state of the electron of a H atom (which, for all intents and purposes can be considered random enough!) you can generate an unbreakable ONE TIME pad. But the previously stated problem still remains.
Point is, I really don't see a point in creating a OTP key that can be *reused*, it serves no purpose since it does not address the secure sharing problem anyway.
Question: if a one time pad is unbreakable because it uses (and never re-uses) a random series of characters for encryption, where did that random number come from. Hint: see preceding paragraph.
Well, as I explained above, any random number genration algorithm isn't truly random. But for instance, I believe that the characters for a OTP back in Bletchly (sp?) Park during WWII consisted of secretaries with a drum containing painted balls that they rolled around a bit and then pulled out. Now if you ask me if even this is random, is more difficult and I'm guessing is out of both of our means. google chaos theory, quantom mechanics.
So, given a truly random generator, a OTP is provably unbreakable (I confess I have not done a formal proof, but it is even something that can inately be reasoned by thinking a bit about it).
The original poster did not understand that not only is their naive algorithm breakable, but that there is no point in generating a reusable OTP key if you can just create a new one just as easily.
The strength of such a "pad" having a very long string of random letters/numbers is that, when using a different starting point in the random string each time, there is no algorithmic relationship between subsequent encryptions of even an identical message string - hence no algorithmic attack can be used.
Now that you have explained the approach I would like for you to analyze what you have said along with any hints as to why I think it is faulty (hint: s/random/pseudo-random).
"It won't be for at least another year. We're going to regroup and take a break, but people haven't heard the last from us," CSXT founder Ky Michaelson said.
I feel bad for them, but he sounds like he should be sitting in a large black leather chair penting his fingers or petting a persian cat while saying this:)
Assume that this matter were to go to trial..."do you think it's possible for a reasonable person to confuse this work with the official Wiley trademark?"
"If you think so, then according to the defendant you must be 'severely lacking in mental capacity.'"
I think that that is not what the Nastard fellow meant, he simply wants to highlight the humorous connection between someone actually being stupid enough to confuse this as a Wiley publication and their [Wiley's] Dummies crowd. I doubt a jury would think they were being insulted...
I can just imagine the jury's sympathy to the defendant once they realize they've been labeled mental midgets.
Also, you are using a slur here and are a biggot. You should've said: I can just imagine the jury's sympathy to the defendant once they realize they've been labeled mental little people.
One example of [where OSS makes business sense] would be if you were selling a piece of hardware, and wanted that hardware to work with as many platforms as possible, then open sourcing the drivers would probably be a pretty good way to go...
That's true but some companies still don't see the value in even that. Notably Nvidia and their "unfied driver architecture" leaving the *many* TNTx/GeForcex, Linux users out in the cold with shitty (unstable) accelerated OGL support. ATI, I believe, has open source drivers and supposedly their cards are the way to go for Linux.
Now it must be that their (Nvidia) driver architecture is important enough IP that it justifies the slow migration to "new" platforms. I don't know, but Nvidia either seriously improving or letting other developers improve their drivers would accelerate Linux, not only as being a more viable gaming platform, but being an even better desktop machine than it already is.
I agree, C++ certainly is strongly typed (unless the other fellow meant something else), but other problem such as the fact that exception handling seems to be an afterthought in its design and the uneeded complexity of multiple inheritance (all though, to be fair, one does not have to use that feature).
..are less physcotic that normal [sic] NYC cabbies. Last time I took a cab my driver winged through central park at a ludicrous speed nearly maiming a couple courageous joggers. I've never seen a hotdog vendor move so nimbly.
Thank you, that show is un-friggin-believable. They're definitely cancelling it?
"
Lois: What a lovely room and it's so clean.
Stewie: Well the ultraviolet light will be the judge of that. I picked this [using UV as semen-detecting gadget] up from that yummy exoskeleton Maria Schriver."
goto for some more FG fun.
I wonder if there are any electronic petitions circulating on the inet. know of any? seems the only way we have a voice to change this until 2 years from now, next november;-)...
Slashdot Mirror
Distributed.net may be partially responsible for relaxing the laws on exporting encryption. Perhaps it'll take a billion years to break 8192bit encryption with todays technology, but give it 5 years, and newer computers will be able to break it in minutes.
One can use the same reasoning to conclude that in 5 years those same computer that will be much more powerful will enable us to create even larger/more complex keys (that will presumably take another five years to break).
It almost seems as though any sufficiently large key can at least be made to be temporarily safe, so this would mean that one should key a new key every couple of years, but old information will be vulnerable if it is still important (bank accnt number).
I don't know where the so-called 'quantum' computing fits into all of this.
Hee hee, good one.
While we're on the subject, I wonder what coder Hell will be for all the bad little programmers out there.
Well, first, we have to have a devil. He would sit on a grand throne of flesh of bones of all the people he's fscked and inscribed on it would probably be his initials -- lets just pick two random letters -- BG, for instance.
He would be surrounded by lawyers and congressmen and every programmer in Hell would have the most menial, mindnumbingly boring tasks to perform.
They would be made to develop 3D games in Java, or use assembler to write a FFT routine, or do *anything* in Visual Basic.
Yep, and it would all have to be done on Win95 (without any patches, ie Win98 SE).
Now, THAT'S programmer Hell my fiends. So stop masturbating to computer porn and belittling the moronic suits everytime they click on an executable attachment in Outlook.
Call it ".HELL"
Just kidding, I serve only you dark master...
lol, I could see it now. An entire mini-earth complete with these little lincoln navigators (which happen to be the size of regular cars here) driven by mini-earthlings yapping on cell phones cutting each other off, flipping the bird, with these little american flags hanging off each fender to show their solodarity. let us nuke it before we spread...;-]
That icon in the upper left corner is so gay.
Heh, funny.
It's good to see young developers getting involved is OSS. I mean, what are these guys, 11, maybe 12 at most?
:P
No! You originally made it sound as if hopping all around the OTP possible re-using portions of it to encrypt more than one message. This is the whole purpose of *my* original response. You are defeating the purpose after going through the trouble to generate a OTP for a particular message. Any portion of a pad should never be used to encrypt another piece of plaintext.
The convoluted 'bitmask/offset' adds nothing to the security or usefullness of using a OTP!
"Encrypt using the large random number, the [random] offset and the mask.
"Random" means random. It does not mean "sorta random', "damn near random", or "pseudo-random". Maybe we count nuclear disintegrations or gamma rays or ...
/. mentions a beowulf cluster :P
Whatever the source, a truly random very large number has the identical resistance to algorithmic attack whether used on a USB keyfob or printed onto a series of sheets of a one-time pad.
Well we could count the number of "FP"'s when a slashdot story is posted or how many times someone on
Missing the point. A random number generation algorithm, by definition, gives a pseudo-random distribution of a random sequence: they all need a seed. Given that seed one can reproduce the "random" numbers again. However, you can choose a sufficiently convoluted method for getting a seed (as many implementations in RSA, ssl, etc) as many applications already do.
So the real question is: if you used such a random sequence to construct a OTP for *a* message, then you still have a problem: how do we get the symmetric key to another party?
So even if you had a random number generator based on the state of the electron of a H atom (which, for all intents and purposes can be considered random enough!) you can generate an unbreakable ONE TIME pad. But the previously stated problem still remains.
Point is, I really don't see a point in creating a OTP key that can be *reused*, it serves no purpose since it does not address the secure sharing problem anyway. Question: if a one time pad is unbreakable because it uses (and never re-uses) a random series of characters for encryption, where did that random number come from. Hint: see preceding paragraph.
Well, as I explained above, any random number genration algorithm isn't truly random. But for instance, I believe that the characters for a OTP back in Bletchly (sp?) Park during WWII consisted of secretaries with a drum containing painted balls that they rolled around a bit and then pulled out. Now if you ask me if even this is random, is more difficult and I'm guessing is out of both of our means.
google chaos theory, quantom mechanics.
So, given a truly random generator, a OTP is provably unbreakable (I confess I have not done a formal proof, but it is even something that can inately be reasoned by thinking a bit about it). The original poster did not understand that not only is their naive algorithm breakable, but that there is no point in generating a reusable OTP key if you can just create a new one just as easily.
The strength of such a "pad" having a very long string of random letters/numbers is that, when using a different starting point in the random string each time, there is no algorithmic relationship between subsequent encryptions of even an identical message string - hence no algorithmic attack can be used.
Now that you have explained the approach I would like for you to analyze what you have said along with any hints as to why I think it is faulty (hint: s/random/pseudo-random).
I hope you're joking, what do you think is the weak link in that chain?
"Thank you for pressing the self-destruct button, the ship will self-destruct in 7 minutes..."
"It won't be for at least another year. We're going to regroup and take a break, but people haven't heard the last from us," CSXT founder Ky Michaelson said.
:)
I feel bad for them, but he sounds like he should be sitting in a large black leather chair penting his fingers or petting a persian cat while saying this
...What would it take for Microsoft to incur the overhead of checking array bounds? Java seems to do this implicitly...
;-)
Yeah but so does VB 6, so that doesn't say much
Assume that this matter were to go to trial..."do you think it's possible for a reasonable person to confuse this work with the official Wiley trademark?"
"If you think so, then according to the defendant you must be 'severely lacking in mental capacity.'"
I think that that is not what the Nastard fellow meant, he simply wants to highlight the humorous connection between someone actually being stupid enough to confuse this as a Wiley publication and their [Wiley's] Dummies crowd. I doubt a jury would think they were being insulted...
I can just imagine the jury's sympathy to the defendant once they realize they've been labeled mental midgets.
Also, you are using a slur here and are a biggot. You should've said:
I can just imagine the jury's sympathy to the defendant once they realize they've been labeled mental little people.
;-)
It's at gnupg.org, BTW ;-)
sorry if this is a repost..
Britney? no, you mean Christina, she's so damned skinny, just look at her
Someone give her a sandwich, for Christ's sake.
Any distro that uses RPM's for their primary or only packaging system sucks
All generalizations are dangerous, even this one.
One example of [where OSS makes business sense] would be if you were selling a piece of hardware, and wanted that hardware to work with as many platforms as possible, then open sourcing the drivers would probably be a pretty good way to go...
That's true but some companies still don't see the value in even that. Notably Nvidia and their "unfied driver architecture" leaving the *many* TNTx/GeForcex, Linux users out in the cold with shitty (unstable) accelerated OGL support. ATI, I believe, has open source drivers and supposedly their cards are the way to go for Linux.
Now it must be that their (Nvidia) driver architecture is important enough IP that it justifies the slow migration to "new" platforms. I don't know, but Nvidia either seriously improving or letting other developers improve their drivers would accelerate Linux, not only as being a more viable gaming platform, but being an even better desktop machine than it already is.
Well, I think he means that the next open source iteration of Mac OS wouldn't need to be bought, you could just compile it yourself :-)
A Mac artist compiling software, now that's cute.
I agree, C++ certainly is strongly typed (unless the other fellow meant something else), but other problem such as the fact that exception handling seems to be an afterthought in its design and the uneeded complexity of multiple inheritance (all though, to be fair, one does not have to use that feature).
..are less physcotic that normal [sic] NYC cabbies.
Last time I took a cab my driver winged through central park at a ludicrous speed nearly maiming a couple courageous joggers. I've never seen a hotdog vendor move so nimbly.
sorry link got lobodomized:
go here for family guy stuff...
Thank you, that show is un-friggin-believable. They're definitely cancelling it?
"
Lois: What a lovely room and it's so clean.
Stewie: Well the ultraviolet light will be the judge of that. I picked this [using UV as semen-detecting gadget] up from that yummy exoskeleton Maria Schriver."
goto for some more FG fun.
I wonder if there are any electronic petitions circulating on the inet. know of any? seems the only way we have a voice to change this until 2 years from now, next november ;-)...