How important is public key encryption?
I have a good reason for asking. And what I mean is ... does anyone still use it in really vital places for really vital purposes?... or is it mostly a way to keep the illusion that you can exchange internet porn without serious people knowing what you are doing?
Rich
Post Edited (rjo_) : 4/4/2009 11:05:27 PM GMT
Comments
-Phil
-Phil
We need to go to something else... and while I might not exactly blow it up... I'm certainly going to put enough info somewhere so that the good people get the message. And it isn't exactly news for the people who really need to know this stuff.... except that the circle of people who need to know changes with the times... and in these times, our business people need to know.
Post Edited (rjo_) : 4/4/2009 11:31:56 PM GMT
Me, now, I use OTP. And I use it correctly. It has none of the convenience of public-key encryption, but (unlike RSA) there is no (published, anyway) way to attack it unless it is used incorrectly (as the Russians did in WW2, when they reused keypads once, and the keys weren't truly random, with the result that Roy Phillips and Genevieve Grotjan broke the Soviet codes in November 1944). Genevieve Grotjan was the same person who had come up with the key insight that made possible the breaking of the Japanese "purple" machine several years earlier.
For a few months in early 1942 the KGB, under pressure of wartime shortages, had printed duplicate copies of pages and bound them, often with different page numbers, into separate one-time pads.
The OTPs weren't random because the Russians created them by having typists pound keys "at random", but they weren't really random because the typists unconsciously avoided double digits and because they alternated right and left hands, so that certain combinations (like 34, both left hand) occurred rarely.
And that was all it took for Grotjan and Phillips to read their encrypted messages.
The history of encryption is very interesting.
****** Edit: Oops, Cecil Phillips, not Roy Phillips.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
-- Carl, nn5i@arrl.net
Post Edited (Carl Hayes) : 4/5/2009 1:06:29 AM GMT
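The two failures described in the post above, pad reuse and non-random keys, shown as an added example that is not part of the original thread. The messages, the pad and the `typist_digits` model (which captures only the avoidance of doubled digits) are constructed for illustration.

```python
import secrets

DIGITS = "0123456789"

def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))

def crib_drag(c1: bytes, c2: bytes, crib: bytes):
    """Two ciphertexts under one pad: c1 ^ c2 == p1 ^ p2, the pad cancels.
    Try a guessed fragment at every offset and keep the offsets where the
    implied fragment of the other message is printable ASCII."""
    leak = xor(c1, c2)
    hits = []
    for i in range(len(leak) - len(crib) + 1):
        other = xor(leak[i:i + len(crib)], crib)
        if all(32 <= b < 127 for b in other):
            hits.append((i, other))
    return hits

def doubled_rate(digits: str) -> float:
    """Share of adjacent digit pairs that repeat; about 0.10 if uniform."""
    return sum(a == b for a, b in zip(digits, digits[1:])) / (len(digits) - 1)

def uniform_digits(n: int) -> str:
    return "".join(secrets.choice(DIGITS) for _ in range(n))

def typist_digits(n: int) -> str:
    """Constructed model of a typist who never hits the same key twice running."""
    out = [secrets.choice(DIGITS)]
    while len(out) < n:
        d = secrets.choice(DIGITS)
        if d != out[-1]:
            out.append(d)
    return "".join(out)

# Constructed sample messages and pad (not historical traffic).
P1 = b"MEET AT THE NORTH GATE AT NINE"
P2 = b"SEND THE REPORT BY COURIER NOW"
PAD = secrets.token_bytes(len(P1))
C1, C2 = xor(P1, PAD), xor(P2, PAD)   # the same pad page used twice

if __name__ == "__main__":
    for offset, fragment in crib_drag(C1, C2, b" THE "):
        print(offset, fragment)
    print("uniform:", doubled_rate(uniform_digits(5000)))
    print("typist: ", doubled_rate(typist_digits(5000)))
```

Wrong offsets also produce printable candidates, so the output is a shortlist to read, not a decryption; the doubled-pair rate is one simple statistic that separates the typed key from a uniform one.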
I doubt that I discovered anything that wasn't already known... and the folks that review stuff like this decided to let it go.
-Phil
Could you provide more information on your concern about public key encryption? Does it have to do with the key size, or is it the Diffie-Hellman algorithm, man-in-the-middle attacks, or does it concern the private key that is generated? It doesn't help to be so mysterious about it. If you are aware of a weakness in the public key encryption algorithm it would be good to publicize it so that it can be corrected.
Dave
-Phil
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Need to make your prop design easier or secure? Get a PropMod has crystal, eeprom, and programing header in a 40 pin dip 0.7" pitch module with uSD reader, and RTC options.
Duffer
Post Edited (Duffer) : 4/5/2009 3:10:29 AM GMT
Also, by way of clarification, I believe that secure HTTP uses RSA only for the exchange of keys for DES encryption and that DES is used to encrypt any actual data that's exchanged.
(BTW, this diversion should, by no means, be construed to let Rich off the hook. It's still PUOSU time for that guy!)
-Phil
But then again, WEP can be hacked in 5 min, yet lots of people still use it.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
('Still waiting for Rich's supporting link or documentation...)
-Phil
Post Edited (Phil Pilgrim (PhiPi)) : 4/5/2009 5:34:42 AM GMT
Such systems rely on the idea that it would take decades, with the fastest goodies, to factor a product of large primes. But NSA has known that for decades; has the fastest goodies of all; and surely has been building tables of primes, and products of two primes, to lengths well beyond anything in use. I'm sure they could have started doing that decades ago; I'm sure they knew decades ago that they needed to do it; and so I'm sure it makes sense to assume they have done it. So I think they can routinely break, in seconds, any public-key message of which they are given either the public or the private key. That includes RSA, DES, and all that other garp.
I'm also sure they wouldn't say they could do, or have done, any of that.
I use OTP to exchange information with my attorney, an old friend who also is interested in cryptography -- and with some other friends too. It's inconvenient, because I must first develop long random strings for keyfiles. I wrote a program that develops 3GB random strings for this purpose, but each string takes a week or so to produce. Faster hardware won't help, because the method relies on inherently random naturally-occurring physical events outside the computer. I must create these key sequences, embed them in keyfiles appropriately formatted for my programs, and deliver them physically to anyone with whom I intend to exchange secure communications. It would be no good sending the keyfiles by e-mail, would it?
The system also must provide for the utter destruction of keyfile information immediately after using it, either for encryption or for decryption. Otherwise, a "black bag" operation could obtain a copy of a keyfile and use it to decrypt past ciphertext, and future ciphertext too if I don't detect the intrusion. One result is that I cannot myself decrypt anything I have encrypted, and my correspondent can decrypt it only once.
Such a system would be useless for Internet commerce, of course.
Anyway, some years ago I developed a whole software system to do all that. It's all in PC assembler. One virtue is that knowing how it works, or even having copies of the programs, is useless for defeating it. You've got to possess the keyfiles, and they're destroyed at both ends as an immediate result of using them. They're truly random, not pseudorandom, so they can't be recreated by any process. When a keyfile is used, only the portion that was used is destroyed -- so, for instance, a 3GB keyfile and its single copy can be used for encrypting/decrypting, say, 100 messages of 30MB each; and so forth.
One useful feature is that the programs will not permit use of a particular keyfile for encryption after it has been used for decryption, or vice versa. That prevents the error condition in which he and I both encrypt stuff with our copies of the same keyfile, which would mean that neither of us could decrypt it because the same part of the keyfile was used and destroyed -- that would be another kind of deadly embrace.
Also, if on the decrypting end you nominate the wrong keyfile, the programs will detect that, and reject it.
The worst mistake would be to keep these keyfiles on any storage that is ever backed up. We don't do that. At least, I don't -- and since my usual correspondent has an IQ that is in about the one-in-ten-million range, higher than mine, I'm sure he doesn't either.
Cryptology, and cryptanalysis, are great fun. And I agree, we mustn't let rjo_ off the hook.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
-- Carl, nn5i@arrl.net
Post Edited (Carl Hayes) : 4/5/2009 7:41:03 AM GMT
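A minimal in-memory model of the keyfile discipline described in the post above, as an added example that is not Carl Hayes's program: the used portion is zeroed on use, a keyfile is locked to one direction, and a message names its keyfile so the wrong one is rejected. The `Keyfile` class, the 8-byte pad ID and the offset header are assumptions for illustration, and `secrets.token_bytes` stands in for the physical random source.

```python
import secrets

class PadError(Exception):
    pass

class Keyfile:
    """One copy of a shared pad. Header layout (assumed): 8-byte pad ID,
    8-byte big-endian offset, then the XORed body."""

    def __init__(self, pad_id: bytes, material: bytes):
        self.pad_id = pad_id
        self.key = bytearray(material)
        self.offset = 0          # everything below this index is destroyed
        self.role = None         # fixed to "encrypt" or "decrypt" on first use

    def _take(self, start: int, n: int, role: str) -> bytes:
        if self.role not in (None, role):
            raise PadError(f"keyfile already used to {self.role}")
        if start < self.offset:
            raise PadError("that part of the pad is already destroyed")
        if start + n > len(self.key):
            raise PadError("pad exhausted")
        chunk = bytes(self.key[start:start + n])
        # Zero the used span plus any span skipped by a lost message.
        self.key[self.offset:start + n] = bytes(start + n - self.offset)
        self.offset, self.role = start + n, role
        return chunk

    def encrypt(self, plaintext: bytes) -> bytes:
        start = self.offset
        ks = self._take(start, len(plaintext), "encrypt")
        body = bytes(p ^ k for p, k in zip(plaintext, ks))
        return self.pad_id + start.to_bytes(8, "big") + body

    def decrypt(self, message: bytes) -> bytes:
        pad_id, start, body = message[:8], message[8:16], message[16:]
        if pad_id != self.pad_id:
            raise PadError("message was made with a different keyfile")
        ks = self._take(int.from_bytes(start, "big"), len(body), "decrypt")
        return bytes(c ^ k for c, k in zip(body, ks))

def make_pair(size: int):
    """Two copies of one pad. The OS CSPRNG stands in for a physical source."""
    pad_id, material = secrets.token_bytes(8), secrets.token_bytes(size)
    return Keyfile(pad_id, material), Keyfile(pad_id, material)
```

Zeroing a bytearray only models destruction; on real storage the old bytes can survive in backups, journals or flash wear-levelling. The header and body are unauthenticated, so a tampered offset can burn key material and a flipped ciphertext bit flips the same plaintext bit.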
Don't ask for the code; I don't have it any more, but the idea is simple. Take the Mandelbrot set and several other fractals and combine them to make super multi-dimensional fractals. Use the DES algorithm as a randomizer of the fractal points between iterations. In this way you can generate a pseudo-random table of bits of any length with any length of input key. The table can then just be XORed with your data to encrypt or decrypt the data.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Generate a table of letters, words, and phrases used in your writing. Assign each a variable-length binary value using the Huffman algorithm.
Hand deliver the key file to each side.
Simple. But if you make your key file with enough full words in it represented by a single symbol, cracking methods get difficult since every symbol has a variable length.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
My key file did have over 200000 symbols words or phrases
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
When using in reality I was encoding the data into the least significant bit of each color of each pixel in a picture. When looking at the picture you can not even see the difference to even think data was coded there. Only problem was I was using bitmaps. Would have been cool to use jpg but did not know how they worked well enough to write a custom encoder/decoder.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
The purpose for it was to get past the screening at work. I could easily send emails with pictures attached and get them back. It was more for fun than anything since I also had access to the datalogger and could just remove traces of the packets from the log if I really cared.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
By the way though in my challenge to several code breakers I knew I encoded Genesis 1 with 1 key file. When I was using this I did change the key file once a week.
▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
I've logged more miles in the last two days than a crack addict in Montana. I was shocked to see the number of replies and promise to respond one by one.
You guys are great.
ILMP
Rich
Once you know there is a message encoded in a picture it is very simple to extract it, and then it can be analyzed by standard decryption methods.
Unfortunately the only truly sure method of encryption at present is the one time pad, and then only if that is done properly, which is very inconvenient.