You forget that anything Firefox or Chrome have, they ripped off (badly) from Opera 12 and before. Vivaldi is just a revival of that older and actually much, much better technology with modern tools.
I do. I am still on Opera 12 as, frankly, all new current mainstream browsers have a really bad and broken UI, including any post-12 versions of Opera. Now Opera 12 mostly works fine today, but the number of sites broken with it is slowly increasing.
Using a CPRNG for production of keys in the length of the message and then XORing that to the message is called a "stream cipher". The actual key is the CPRNG initialization. For example, OFB mode for block-ciphers works that way. This is not a one-time pad at all, for that the key needs to be true random, not faked random.
Incidentally, the Russians did that in WWII because they ran out of paper for new pads. As soon as two messages encrypted with the same pad are intercepted, decryption gets very easy.
Or arrange for real cover-traffic: Send a message of exactly the same length every hour (or what you need) and send nothing else, ever. That does not even tell them whether you are communicating. SigInt is a lot about just finding communication patterns even when there is zero information about the contents.
The thing is that OTPs are "arranged" before communication and by entirely different means. Sure, you could call that "transmission", but it does not make much sense to do so. After all, you could call the printing of the pad "transmitting it to the paper" as well. While technically correct, it is not useful to do that.
Might have been 4000 chars. Unfortunately I cannot check, this was something the Professor only added on the blackboard and I do not have my notes anymore after 25 years. But the point is because of this effect, even historic cipher technology like the enigma is secure against ciphertext-only attacks if the keys are good and the amount of available ciphertext is limited.
If I remember correctly, the Germans were using code-terms for everything back then and the code-breakers finally had a Spitfire fighter attack a seal colony, because there was no code phrase for "Spitfire beschiesst Robbenbank" (well, obviously, because doing that does not make sense at all;-) and that gave them one plaintext-ciphertext pair. From that they could figure out how the Germans were keying the Enigma (which was not random at all) and the thing was broken. The whole history is fascinating. If the Germans had keyed the Enigma competently and had not radioed _everything_ in, the war might have gone differently. The world really got lucky there.
Even with that limitation, it is still untrue in general. But it would begin to make some sense, because then it would be true in quite a few real-world situations. However then you need to take real-world limits into account: For example, you cannot torture somebody if you cannot get hold of them.
Wrong, unless you say there is not true randomness in the world. Current Quantum-Mechanics says there is and it is actually easy to harvest. And OTPs get used (for example, in ultra secret diplomatic communication) and it is a proper cipher.
Incidentally, Quantum Modulation (it is not crypto, really not) is not Information-Theoretically Secure. It is at best Quantum-Theoretically Secure and secure in the real world only if Quantum Theory gets a lot more exactly verified against reality as is possible today.
Actually, there is one possibility. If there is some sort of "decryption magic" in this universe, then they fall. If it is only mathematics, then they are unbreakable. While Mathematics only approximates the real world, no credible signs of any such "magic" has ever been found, so it is safe to say it is not a concern.
That is one reason a good crypto course teaches the notion of "Information Theoretically Secure" and then explains that the TOP is the only one fulfilling that and why that is the case.
Incidentally, there is one exception, where the brute forcing and checking whether it makes sense does not work: If you have a message in the length of one cipher block and the key also is in this length, then you get almost all or all messages that make sense as possible decryption results. You may lose some due to key-collisions for this specific plaintext (same ciphertext-plaintext pair for different key) but not many if the cipher is any good.
Actually, it could be "hail" in some award English way meaning "hi". Of course, such informality would immediately have you gotten sent to the next KZ.
Indeed. It is fascinating that people not even understanding the very basics of crypto feel qualified to make such statements. Dunning-Kruger Effect at work, no doubt.
That is nonsense. OTPs do not get "transmitted" for exactly the reason you state. They are pre-arranged or in crypto-lingo, they are a Pre-Shared Key. If you need to transmit them, you are already doing it wrong.
Unfortunately, OTPs are of limited value in practice, since they key must be at least as long as the message.
For extremely critical messages, they are still practical (think "flash" type embassy traffic). They can also be used to encrypt session keys, dropping the security level to that of the block cipher used.
No, you have not. Identifying the right plaintext is necessary for breaking the encryption and critically so. After all "Attack at dawn" and "Do not attack!" have the same length, but unless you know which one is the right plaintext, you know exactly nothing except the length of the message.
No, they are not. Sure, it is easy to come up with a plaintext of the same length (and with all of them if you have unlimited computation power), but the verification whether that is the right one is impossible. That is what makes it secure, you know.
Incidentally, just finding a plaintext of the same length is easy for all ciphers. It is a completely meaningless exercise though and does not compromise security, unless the user was stupid enough to leak data by the length of the message. Some recent SSL vulnerability did that by compressing attacker-delivered data together with other data. If the attacker-delivered data had the same bytes as the secret data, it compressed better, and thereby leaked the secret data.
Well, I do not doubt there are better engineers around than Linus. (In fact, in some regards, I qualify and many others will as well.) That was not my point. Linus built the initial thing, but much more importantly built the community and kept it running and set standards for the kernel that work very well. He not only had the vision, but he made it work by attracting the right people and then organizing them. That is a completely different thing from being an excellent engineer. If you have another one of those people, and one better than Linus at it, I would be very surprised.
I do agree on your last paragraph though. He only blows up when given serious provocation. In a person enforcing quality guidelines this is critically important. Whether that blow-up is polite or not is pretty immaterial though, what matters is that the blow-up is recognized as such.
Don't worry, it is understandable. However the whole stance does not work in German and would need to be worked around. German is a really badly designed language and I say this as a native speaker. Kids are routinely struggling with it.
Also, by definition, no encryption is unbreakable, you just need a few thousand years to crack it.
Untrue. Encryption may be "Information-Theoretically secure". These cannot be broken with just enough computing power. For example, for ordinary text, this is even true for the venerable Enigma if less than 4000 Bits (if I remember things correctly) of ciphertext are available and the key was chosen at random. One-time pad based encryptions are never breakable, the only information you get is the maximum number of Entropy in the message, nothing else.
You wrong statement is one of the often-repeated untruths about encryption.
You forget that anything Firefox or Chrome have, they ripped off (badly) from Opera 12 and before. Vivaldi is just a revival of that older and actually much, much better technology with modern tools.
Not everybody wants to use the same 2nd-rate trash the mainstream likes. There are quite a few people that will move to Vivaldi once it is done.
I do. I am still on Opera 12 as, frankly, all new current mainstream browsers have a really bad and broken UI, including any post-12 versions of Opera. Now Opera 12 mostly works fine today, but the number of sites broken with it is slowly increasing.
Using a CPRNG for production of keys in the length of the message and then XORing that to the message is called a "stream cipher". The actual key is the CPRNG initialization. For example, OFB mode for block-ciphers works that way. This is not a one-time pad at all, for that the key needs to be true random, not faked random.
Incidentally, the Russians did that in WWII because they ran out of paper for new pads. As soon as two messages encrypted with the same pad are intercepted, decryption gets very easy.
Or arrange for real cover-traffic: Send a message of exactly the same length every hour (or what you need) and send nothing else, ever. That does not even tell them whether you are communicating. SigInt is a lot about just finding communication patterns even when there is zero information about the contents.
Of course, the magic does not have any problems here. That is why it is called "magic".
How do you measure that?
And while I am no expert, it seems to me that apart from some nuclear and banking problems, Japan is doing fine.
The thing is that OTPs are "arranged" before communication and by entirely different means. Sure, you could call that "transmission", but it does not make much sense to do so. After all, you could call the printing of the pad "transmitting it to the paper" as well. While technically correct, it is not useful to do that.
That is a good rule. While I agree that most of the time other things are better, sometimes they are not and then you should be allowed to use it.
Might have been 4000 chars. Unfortunately I cannot check, this was something the Professor only added on the blackboard and I do not have my notes anymore after 25 years. But the point is because of this effect, even historic cipher technology like the enigma is secure against ciphertext-only attacks if the keys are good and the amount of available ciphertext is limited.
If I remember correctly, the Germans were using code-terms for everything back then and the code-breakers finally had a Spitfire fighter attack a seal colony, because there was no code phrase for "Spitfire beschiesst Robbenbank" (well, obviously, because doing that does not make sense at all ;-) and that gave them one plaintext-ciphertext pair. From that they could figure out how the Germans were keying the Enigma (which was not random at all) and the thing was broken. The whole history is fascinating. If the Germans had keyed the Enigma competently and had not radioed _everything_ in, the war might have gone differently. The world really got lucky there.
Even with that limitation, it is still untrue in general. But it would begin to make some sense, because then it would be true in quite a few real-world situations. However then you need to take real-world limits into account: For example, you cannot torture somebody if you cannot get hold of them.
Wrong, unless you say there is not true randomness in the world. Current Quantum-Mechanics says there is and it is actually easy to harvest. And OTPs get used (for example, in ultra secret diplomatic communication) and it is a proper cipher.
Incidentally, Quantum Modulation (it is not crypto, really not) is not Information-Theoretically Secure. It is at best Quantum-Theoretically Secure and secure in the real world only if Quantum Theory gets a lot more exactly verified against reality as is possible today.
Actually, there is one possibility. If there is some sort of "decryption magic" in this universe, then they fall. If it is only mathematics, then they are unbreakable. While Mathematics only approximates the real world, no credible signs of any such "magic" has ever been found, so it is safe to say it is not a concern.
That is one reason a good crypto course teaches the notion of "Information Theoretically Secure" and then explains that the TOP is the only one fulfilling that and why that is the case.
Incidentally, there is one exception, where the brute forcing and checking whether it makes sense does not work: If you have a message in the length of one cipher block and the key also is in this length, then you get almost all or all messages that make sense as possible decryption results. You may lose some due to key-collisions for this specific plaintext (same ciphertext-plaintext pair for different key) but not many if the cipher is any good.
Actually, it could be "hail" in some award English way meaning "hi". Of course, such informality would immediately have you gotten sent to the next KZ.
Indeed. It is fascinating that people not even understanding the very basics of crypto feel qualified to make such statements. Dunning-Kruger Effect at work, no doubt.
That is nonsense. OTPs do not get "transmitted" for exactly the reason you state. They are pre-arranged or in crypto-lingo, they are a Pre-Shared Key. If you need to transmit them, you are already doing it wrong.
Unfortunately, OTPs are of limited value in practice, since they key must be at least as long as the message.
For extremely critical messages, they are still practical (think "flash" type embassy traffic). They can also be used to encrypt session keys, dropping the security level to that of the block cipher used.
No, you have not. Identifying the right plaintext is necessary for breaking the encryption and critically so. After all "Attack at dawn" and "Do not attack!" have the same length, but unless you know which one is the right plaintext, you know exactly nothing except the length of the message.
No, they are not. Sure, it is easy to come up with a plaintext of the same length (and with all of them if you have unlimited computation power), but the verification whether that is the right one is impossible. That is what makes it secure, you know.
Incidentally, just finding a plaintext of the same length is easy for all ciphers. It is a completely meaningless exercise though and does not compromise security, unless the user was stupid enough to leak data by the length of the message. Some recent SSL vulnerability did that by compressing attacker-delivered data together with other data. If the attacker-delivered data had the same bytes as the secret data, it compressed better, and thereby leaked the secret data.
Well, I do not doubt there are better engineers around than Linus. (In fact, in some regards, I qualify and many others will as well.) That was not my point. Linus built the initial thing, but much more importantly built the community and kept it running and set standards for the kernel that work very well. He not only had the vision, but he made it work by attracting the right people and then organizing them. That is a completely different thing from being an excellent engineer. If you have another one of those people, and one better than Linus at it, I would be very surprised.
I do agree on your last paragraph though. He only blows up when given serious provocation. In a person enforcing quality guidelines this is critically important. Whether that blow-up is polite or not is pretty immaterial though, what matters is that the blow-up is recognized as such.
Don't worry, it is understandable. However the whole stance does not work in German and would need to be worked around. German is a really badly designed language and I say this as a native speaker. Kids are routinely struggling with it.
"New Coders" that then mess it up? I don't think so. Some level of actual real skill required, or people may not apply.
Also, by definition, no encryption is unbreakable, you just need a few thousand years to crack it.
Untrue. Encryption may be "Information-Theoretically secure". These cannot be broken with just enough computing power. For example, for ordinary text, this is even true for the venerable Enigma if less than 4000 Bits (if I remember things correctly) of ciphertext are available and the key was chosen at random. One-time pad based encryptions are never breakable, the only information you get is the maximum number of Entropy in the message, nothing else.
You wrong statement is one of the often-repeated untruths about encryption.