What you "know" is wrong. Putin is doing it because he is trying to rebuild the power and prestige of Russia by assuming the legacy of the Soviet Union as a great power. There are many current and future negative consequences to that.
Exactly, the weapon design bureau currently known as Pivdenne, one of the largest industrial enterprises in Ukraine, with 13,000 workers is located in Dnipropetrovsk in the East...... The sooner the Americans get a conference together to organize handing over Eastern Ukraine to the Russians the better.
That is obviously backwards. It would seem that if Russia is becoming an imperialist aggressor to steal resources to make itself more powerful, some say to rebuild the Soviet Union, that the last thing the world should do is enable that. Othewise, where does it end? Until Putin says, "‘This Is the Last Territorial Demand I Have to Make in Europe’ "?
I can't say that I see any real valid basis for your chauvinism, but I do note that you support restrictions on the freedom of humanity. Might you be another one of the socialism / fascism is "freedom" club?
That's funny, most people that despise the "1%" seem to want to get rid of them... somehow. You want to keep them? Which "shit" do you refer to? Someone might be pulling the wool over your eyes, and it isn't the "1%."
I doubt that either Ukraine or Russia foresees Ukraine buying back nuclear weapons from Russia to point back at Russia.
Ukraine inherited significant portions of the Soviet ICMB design and manufacturing infrastructure. They almost certainly have the needed expertise to build nuclear weapons as well. Ukraine has a significant nuclear power infrastructure.
After the fall of the Soviet Union Russia didn't send bombers to probe NATO and US defenses until the last few years. When and how that is done can also be a signal.
It looks to me like you've got that completely wrong, not the least of which is the strategic weapons Ukraine had were developed by the Soviet Union of which both Russia and Ukraine were a part. As to the rest...
Half of Ukraine's electricity is from nuclear power. That have 13 reactors now, and plan to add 11 more. Access to enriched nuclear materials isn't likely to be much of a problem.
Ukraine is capable of producing advanced intercontinental range ballistic missiles, and its missile industry is second only to Russia's among the former Soviet republics. The linchpin of this industry is the former Yuzhnoye Scientific Production Association, arguably the preeminent intercontinental ballistic missile (ICBM) design and production facility in the Former Soviet Union, whose capabilities are matched only by a handful of U.S. and Russian missile enterprises.
Ironically, the notion of reacquiring nuclear weapons as a security guarantee is a position publicly advocated by Putin himself: "If you cannot count on international law, then you must find other ways to ensure your security.... This is logical: If you have the bomb, no one will touch
Putin: Both causing and suggesting the solution to Ukraine's security problems. Thanks Vladimir Vladimirovich!
And look! He's turning up the heat because in brinkmanship too much is never enough.
The Dutch defense department says several NATO member countries scrambled jets Wednesday afternoon after a pair of Russian bomber planes approached their airspace over the North Sea.
The Dutch ministry identified the planes as two Russian TU-95 Bears, and said it had launched two F-16s from Volkel air force base to intercept them. The Russian jets were escorted by aircraft from the Netherlands, Britain and Denmark until they departed.
We haven't proven we can adequately care for the environment of the planet of our origin, why should we be allowed another viable planet to screw up?
Who do you think we have to ask permission of to leave the planet and travel to another?
So far as I'm concerned it's a good thing we're far from the point where we can reach and colonize other planets because it's clear we're just not ready and won't be for quite some time to come.
I find it interesting that your test of readiness isn't technical, but social. It is like saying that if everybody doesn't obey some set of arbitrary standards on the Titanic, nobody gets to go to the lifeboats.
Hell, I wouldn't be surprised if our galaxy is teeming with intelligent, starfaring races, and they've quarantined us because we're so fucked up and shouldn't be let loose on the galaxy.
You agree with the notion of restrictions on the freedom of humanity? When does that end?
You know you have a really fast elevator when it gets its own theme song and maybe a TV show or movie. Maybe something like "Smokey in the Elevator," or "The Elevators a Hazard."
Back in 2004-5, NIST decided to address a longstanding weakness of the FIPS standards, namely, the limited number of approved pseudorandom bit generator algorithms (PRGs, or 'DRBGs' in NIST parlance) available to implementers. This was actually a bit of an issue for FIPS developers, since the existing random number generators had some known design weaknesses.*
NIST's answer to this problem was Special Publication 800-90, parts of which were later wrapped up into the international standard ISO 18031. The NIST pub added four new generators to the FIPS canon. None these algorithms is a true random number generator in the sense that they collect physical entropy. Instead, what they do is process the (short) output of a true random number generator -- like the one in Linux -- conditioning and stretching this 'seed' into a large number of random-looking bits you can use to get things done.** This is particularly important for FIPS-certified cryptographic modules, since the FIPS 140-2 standards typically require you to use a DRBG as a kind of 'post-processing' -- even when you have a decent hardware generator.
The first three SP800-90 proposals used standard symmetric components like hash functions and block ciphers. Dual_EC_DRBG was the odd one out, since it employed mathematics more that are typically used to construct public-key cryptosystems. This had some immediate consequences for the generator: Dual-EC is slow in a way that its cousins aren't. Up to a thousand times slower.
Now before you panic about this, the inefficiency of Dual_EC is not necessarily one of its flaws! Indeed, the inclusion of an algebraic generator actually makes a certain amount of sense. The academic literature includes a distinguished history of provably secure PRGs based on on number theoretic assumptions, and it certainly didn't hurt to consider one such construction for standardization. Most developers would probably use the faster symmetric alternatives, but perhaps a small number would prefer the added confidence of a provably-secure construction.
The 'back door' in Dual-EC comes exclusively from the relationship between P and Q -- the latter of which is published only in the Dual-EC specification.
Apparently Interop, the holder of the 45.x.x.x block since 1995, no longer needs that much space. They're now returning 99 percent of it to ARIN, the American Registry for Internet Numbers, which handles IP address distribution in North America. Interop is holding on to a small fraction of the 45/8 block that's currently in active use.
You could keep Dual_EC_DRBG by updating the standard to have a new set of constants just like you can update the standard to remove Dual_EC_DRBG entirely. It isn't that hard.
I never claimed that the existing constants were created via an open process. What I pointed out is that a new set of constants could be created by an open process and that addresses the trust issue.
That would have about as much effect as pissing into the ocean would have on raising sea levels.
That isn't completely true due to the high degree of leveraging that can occur with NAT. It only takes a relatively small number of public addresses to service millions of private IP client addresses. There are very large numbers of private IP addresses being wasted. One properly used Class A block could allow you to service many billions of client computers.
And hopefully more large companies and organizations that hold large blocks of public IP addresses will start moving to private IP addresses and release the public IP addresses for use by others. I know some places that have large numbers of systems with public IP addresses that are behind firewalls and really have no business having a public IP address on those systems anymore.
Oh dear, did something I wrote bruise your feelings at some point? That's too bad. What is worse is that you don't understand that establishing the facts is a different question than making an assessment. You don't seem to be up to judging my thought process at the moment.
The Current Science that we have, with the technology and Anthropology we have, rules out the possibility of the Christian religion having any basis in reality. It doesn't rule out the possibility a god exists. It only means that the current dominant Abrahamic religions are not realistic descriptions of the universe we live in.
Which science is that then? Is it the science that claims we live in a multiverse where there are infinite universes where every possibility happens? Is it the science that claims our universe is a hologram? Is it the science that claims we popped into existence through a fluctuation in quantum probability? Is it the science that claims to explain what the universe is and how it came about, except that it doesn't know what the dark matter and dark energy are that constitute the overwhelming majority of it... assuming it exists at all and the explanation isn't actually a modified theory of gravity like TeVeS or some such? Is it the science that claimed that the coelacanth was dead for 66 million years.... until one was caught in 1938? Is it the science that claimed the city of Troy didn't exist... until it was found? Is that the science that said that the Antikythera Mechanism shouldn't exist? Is it the science that claimed that the walls of Jericho falling outward was a myth... until it was proven? Is it the science that claimed it was impossible that the Bible was transmitted accurately through the centuries.... until the Dead Sea scrolls and other document fragments were found to prove that it had been?
Perhaps you should prepare yourself for further "refinement" in the understanding of science on various matters?
But these religions justify how we treat other people, why certain social groups are stigmatized, and have a heavy impact on who are leaders are, what our laws are, how we raise our children, and the legitimacy of the standing governments. If the Religions aren't true, then there is no justification for the political positions of MANY people in the US Government.
Shall we contrast Marxism or Marxist-Leninism which has been claimed to be a "science" by countless millions over the last century, and which has been the governing philosophy for a large percentage of the earth's population into the 1990s (and still governs China and three lesser nations) with the Bible? Marxist principles (14:16-23:16) call for the destruction of the class enemy in the revolutionary struggle, and the destruction of primitive societies that were too far behind to catch up with the revolutionary struggle which at the time would have included groups such as the Serbs, Bretons, Basques, and Scottish Highlanders. The National Socialists, another set of socialists inspired by Marx, exterminated the "unfit," the deformed, gays, Jews, and many others.
Should we branch off into the Progressives and their ideas about eugenics?
And what of the Bible?
One of the teachers of the law came and heard them debating. Noticing that Jesus had given them a good answer, he asked him, “Of all the commandments, which is the most important?”
“The most important one,” answered Jesus, “is this: ‘Hear, O Israel: The Lord our God, the Lord is one. Love the Lord your God with all your heart and with all your soul and with all your mind and with all your strength. The second is this: ‘Love your neighbor as yourself. There is no commandment greater than these.” -- Mark 12:28-31
Your views seem very questionable on both the science and the question of religion.
The problem isn't the algorithm. The "problem" is specifically a question of trust in how the constants for the curve were developed. There is no backdoor if you don't create one from the start. The possibility of there being one is gone if you have an open process to create the curve values in which a backdoor isn't created. At that point the remaining issue is performance. Up till now there have been three other RNGs in the standard if you don't like Dual_EC_DRBG. Yes you can compare the situation to DES because the issue in question is the same in both cases: trust in the body creating the standard. The fact that they are different types of encryption is meaningless. Either NSA did or didn't backdoor DES. Either NSA did or didn't backdoor Dual_EC_DRBG. There is now enough accumulated knowledge and evidence to say that they didn't backdoor DES. We may never know about Dual_EC_DRBG. Suspicion is reasonable, claims of knowledge aren't unless you worked at NSA on that standards effort unless you want to say you "just know."
That really isn't right, is it? You're abusing the notion of "backdoor." The evidence that a backdoor is possible is incontrovertible. But practically speaking to have access to that backdoor you have to develop the backdoor values as part of defining the curve for the standard / implementation. If you don't develop the backdoor values as part of defining the curve then you are essentially back to solving the original problem in order to get your "shortcut". In other words, it is no help at all if you don't do it from the start. An unknown "backdoor" that is as hard or harder to solve than the original math problem isn't really what you could call a backdoor in conventional terms, is it?
The bias in the output mentioned earlier is concerning, but there are no known attacks against Dual_EC_DRBG unless you have pre-existing knowledge of the relationship between P and Q. In other words, this backdoor (if true as alleged) allows the NSA to break Dual_EC_DRBG but does not make it much vulnerable to anyone else. This is much different than a backdoor password which would be immediately usable by any adversary who discovered it (e.g. by reverse engineering the code).
Slashdot Mirror
What you "know" is wrong. Putin is doing it because he is trying to rebuild the power and prestige of Russia by assuming the legacy of the Soviet Union as a great power. There are many current and future negative consequences to that.
Exactly, the weapon design bureau currently known as Pivdenne, one of the largest industrial enterprises in Ukraine, with 13,000 workers is located in Dnipropetrovsk in the East...... The sooner the Americans get a conference together to organize handing over Eastern Ukraine to the Russians the better.
That is obviously backwards. It would seem that if Russia is becoming an imperialist aggressor to steal resources to make itself more powerful, some say to rebuild the Soviet Union, that the last thing the world should do is enable that. Othewise, where does it end? Until Putin says, "‘This Is the Last Territorial Demand I Have to Make in Europe’ "?
I can't say that I see any real valid basis for your chauvinism, but I do note that you support restrictions on the freedom of humanity. Might you be another one of the socialism / fascism is "freedom" club?
That's funny, most people that despise the "1%" seem to want to get rid of them... somehow. You want to keep them? Which "shit" do you refer to? Someone might be pulling the wool over your eyes, and it isn't the "1%."
I doubt that either Ukraine or Russia foresees Ukraine buying back nuclear weapons from Russia to point back at Russia.
Ukraine inherited significant portions of the Soviet ICMB design and manufacturing infrastructure. They almost certainly have the needed expertise to build nuclear weapons as well. Ukraine has a significant nuclear power infrastructure.
After the fall of the Soviet Union Russia didn't send bombers to probe NATO and US defenses until the last few years. When and how that is done can also be a signal.
It looks to me like you've got that completely wrong, not the least of which is the strategic weapons Ukraine had were developed by the Soviet Union of which both Russia and Ukraine were a part. As to the rest ...
Half of Ukraine's electricity is from nuclear power. That have 13 reactors now, and plan to add 11 more. Access to enriched nuclear materials isn't likely to be much of a problem.
Ukraine's strange love for nuclear power
Missile
Ukraine is capable of producing advanced intercontinental range ballistic missiles, and its missile industry is second only to Russia's among the former Soviet republics. The linchpin of this industry is the former Yuzhnoye Scientific Production Association, arguably the preeminent intercontinental ballistic missile (ICBM) design and production facility in the Former Soviet Union, whose capabilities are matched only by a handful of U.S. and Russian missile enterprises.
If Ukraine does go nuclear again they will only be following Putin's advice.
Is Ukraine about to go nuclear again?
Ironically, the notion of reacquiring nuclear weapons as a security guarantee is a position publicly advocated by Putin himself: "If you cannot count on international law, then you must find other ways to ensure your security. ... This is logical: If you have the bomb, no one will touch
Putin: Both causing and suggesting the solution to Ukraine's security problems. Thanks Vladimir Vladimirovich!
And look! He's turning up the heat because in brinkmanship too much is never enough.
Russia Threatens Invasion Unless Ukraine Stops Stopping Separatists
Dutch scramble jets after Russian bombers approach
The Dutch defense department says several NATO member countries scrambled jets Wednesday afternoon after a pair of Russian bomber planes approached their airspace over the North Sea.
The Dutch ministry identified the planes as two Russian TU-95 Bears, and said it had launched two F-16s from Volkel air force base to intercept them. The Russian jets were escorted by aircraft from the Netherlands, Britain and Denmark until they departed.
We haven't proven we can adequately care for the environment of the planet of our origin, why should we be allowed another viable planet to screw up?
Who do you think we have to ask permission of to leave the planet and travel to another?
So far as I'm concerned it's a good thing we're far from the point where we can reach and colonize other planets because it's clear we're just not ready and won't be for quite some time to come.
I find it interesting that your test of readiness isn't technical, but social. It is like saying that if everybody doesn't obey some set of arbitrary standards on the Titanic, nobody gets to go to the lifeboats.
Hell, I wouldn't be surprised if our galaxy is teeming with intelligent, starfaring races, and they've quarantined us because we're so fucked up and shouldn't be let loose on the galaxy.
You agree with the notion of restrictions on the freedom of humanity? When does that end?
Now if only they actually harvest and store it.
You know you have a really fast elevator when it gets its own theme song and maybe a TV show or movie. Maybe something like "Smokey in the Elevator," or "The Elevators a Hazard."
I wonder if Rosco P. Coltrane is available? He might work as sheriff.
What about an Emacs package? Or does the band not speak with a Lisp?
It's always fascinating to find yet another way one differs from hundreds of millions or even billions of other people.
Music to be pwned by.
That doesn't seem to be true.
The Many Flaws of Dual_EC_DRBG
Back in 2004-5, NIST decided to address a longstanding weakness of the FIPS standards, namely, the limited number of approved pseudorandom bit generator algorithms (PRGs, or 'DRBGs' in NIST parlance) available to implementers. This was actually a bit of an issue for FIPS developers, since the existing random number generators had some known design weaknesses.*
NIST's answer to this problem was Special Publication 800-90, parts of which were later wrapped up into the international standard ISO 18031. The NIST pub added four new generators to the FIPS canon. None these algorithms is a true random number generator in the sense that they collect physical entropy. Instead, what they do is process the (short) output of a true random number generator -- like the one in Linux -- conditioning and stretching this 'seed' into a large number of random-looking bits you can use to get things done.** This is particularly important for FIPS-certified cryptographic modules, since the FIPS 140-2 standards typically require you to use a DRBG as a kind of 'post-processing' -- even when you have a decent hardware generator.
The first three SP800-90 proposals used standard symmetric components like hash functions and block ciphers. Dual_EC_DRBG was the odd one out, since it employed mathematics more that are typically used to construct public-key cryptosystems. This had some immediate consequences for the generator: Dual-EC is slow in a way that its cousins aren't. Up to a thousand times slower.
Now before you panic about this, the inefficiency of Dual_EC is not necessarily one of its flaws! Indeed, the inclusion of an algebraic generator actually makes a certain amount of sense. The academic literature includes a distinguished history of provably secure PRGs based on on number theoretic assumptions, and it certainly didn't hurt to consider one such construction for standardization. Most developers would probably use the faster symmetric alternatives, but perhaps a small number would prefer the added confidence of a provably-secure construction.
I don't remember if I've seen that link before, but thanks for sharing it. That is a great explanation, and reinforces the point I've been making.
The Many Flaws of Dual_EC_DRBG
The 'back door' in Dual-EC comes exclusively from the relationship between P and Q -- the latter of which is published only in the Dual-EC specification.
Why don't you ask Interop why they basically returned a Class A network address block?
Interop Returns 16 Million IPv4 Addresses
Interop gives back a month’s worth of IPv4 addresses
Apparently Interop, the holder of the 45.x.x.x block since 1995, no longer needs that much space. They're now returning 99 percent of it to ARIN, the American Registry for Internet Numbers, which handles IP address distribution in North America. Interop is holding on to a small fraction of the 45/8 block that's currently in active use.
Your point is wrong. Much of the internet is reached by client nodes using NAT now.
Does your internet have any firewalls on it?
Client nodes reach the public internet just fine using NAT.
You could keep Dual_EC_DRBG by updating the standard to have a new set of constants just like you can update the standard to remove Dual_EC_DRBG entirely. It isn't that hard.
I never claimed that the existing constants were created via an open process. What I pointed out is that a new set of constants could be created by an open process and that addresses the trust issue.
That would have about as much effect as pissing into the ocean would have on raising sea levels.
That isn't completely true due to the high degree of leveraging that can occur with NAT. It only takes a relatively small number of public addresses to service millions of private IP client addresses. There are very large numbers of private IP addresses being wasted. One properly used Class A block could allow you to service many billions of client computers.
I agree that we do need to move to IPv6.
And hopefully more large companies and organizations that hold large blocks of public IP addresses will start moving to private IP addresses and release the public IP addresses for use by others. I know some places that have large numbers of systems with public IP addresses that are behind firewalls and really have no business having a public IP address on those systems anymore.
Oh dear, did something I wrote bruise your feelings at some point? That's too bad. What is worse is that you don't understand that establishing the facts is a different question than making an assessment. You don't seem to be up to judging my thought process at the moment.
The Current Science that we have, with the technology and Anthropology we have, rules out the possibility of the Christian religion having any basis in reality. It doesn't rule out the possibility a god exists. It only means that the current dominant Abrahamic religions are not realistic descriptions of the universe we live in.
Which science is that then? Is it the science that claims we live in a multiverse where there are infinite universes where every possibility happens? Is it the science that claims our universe is a hologram? Is it the science that claims we popped into existence through a fluctuation in quantum probability? Is it the science that claims to explain what the universe is and how it came about, except that it doesn't know what the dark matter and dark energy are that constitute the overwhelming majority of it ... assuming it exists at all and the explanation isn't actually a modified theory of gravity like TeVeS or some such? Is it the science that claimed that the coelacanth was dead for 66 million years .... until one was caught in 1938? Is it the science that claimed the city of Troy didn't exist ... until it was found? Is that the science that said that the Antikythera Mechanism shouldn't exist? Is it the science that claimed that the walls of Jericho falling outward was a myth ... until it was proven? Is it the science that claimed it was impossible that the Bible was transmitted accurately through the centuries.... until the Dead Sea scrolls and other document fragments were found to prove that it had been?
Perhaps you should prepare yourself for further "refinement" in the understanding of science on various matters?
But these religions justify how we treat other people, why certain social groups are stigmatized, and have a heavy impact on who are leaders are, what our laws are, how we raise our children, and the legitimacy of the standing governments. If the Religions aren't true, then there is no justification for the political positions of MANY people in the US Government.
Shall we contrast Marxism or Marxist-Leninism which has been claimed to be a "science" by countless millions over the last century, and which has been the governing philosophy for a large percentage of the earth's population into the 1990s (and still governs China and three lesser nations) with the Bible? Marxist principles (14:16-23:16) call for the destruction of the class enemy in the revolutionary struggle, and the destruction of primitive societies that were too far behind to catch up with the revolutionary struggle which at the time would have included groups such as the Serbs, Bretons, Basques, and Scottish Highlanders. The National Socialists, another set of socialists inspired by Marx, exterminated the "unfit," the deformed, gays, Jews, and many others.
Should we branch off into the Progressives and their ideas about eugenics?
And what of the Bible?
One of the teachers of the law came and heard them debating. Noticing that Jesus had given them a good answer, he asked him, “Of all the commandments, which is the most important?”
“The most important one,” answered Jesus, “is this: ‘Hear, O Israel: The Lord our God, the Lord is one. Love the Lord your God with all your heart and with all your soul and with all your mind and with all your strength. The second is this: ‘Love your neighbor as yourself. There is no commandment greater than these.” -- Mark 12:28-31
Your views seem very questionable on both the science and the question of religion.
You should have read the next line. Apparently you aren't there yet.
Once you understand that you can apply your suspicions.
The problem isn't the algorithm. The "problem" is specifically a question of trust in how the constants for the curve were developed. There is no backdoor if you don't create one from the start. The possibility of there being one is gone if you have an open process to create the curve values in which a backdoor isn't created. At that point the remaining issue is performance. Up till now there have been three other RNGs in the standard if you don't like Dual_EC_DRBG. Yes you can compare the situation to DES because the issue in question is the same in both cases: trust in the body creating the standard. The fact that they are different types of encryption is meaningless. Either NSA did or didn't backdoor DES. Either NSA did or didn't backdoor Dual_EC_DRBG. There is now enough accumulated knowledge and evidence to say that they didn't backdoor DES. We may never know about Dual_EC_DRBG. Suspicion is reasonable, claims of knowledge aren't unless you worked at NSA on that standards effort unless you want to say you "just know."
That really isn't right, is it? You're abusing the notion of "backdoor." The evidence that a backdoor is possible is incontrovertible. But practically speaking to have access to that backdoor you have to develop the backdoor values as part of defining the curve for the standard / implementation. If you don't develop the backdoor values as part of defining the curve then you are essentially back to solving the original problem in order to get your "shortcut". In other words, it is no help at all if you don't do it from the start. An unknown "backdoor" that is as hard or harder to solve than the original math problem isn't really what you could call a backdoor in conventional terms, is it?
Conclusions about Dual_EC_DRBG
The bias in the output mentioned earlier is concerning, but there are no known attacks against Dual_EC_DRBG unless you have pre-existing knowledge of the relationship between P and Q. In other words, this backdoor (if true as alleged) allows the NSA to break Dual_EC_DRBG but does not make it much vulnerable to anyone else. This is much different than a backdoor password which would be immediately usable by any adversary who discovered it (e.g. by reverse engineering the code).
On the Possibility of a Back Door in the NIST SP800-90 Dual Ec Prng