Cryptography-Digest Digest #517, Volume #12 Wed, 23 Aug 00 18:13:01 EDT
Contents:
Re: What is required of "salt"? (David A. Wagner)
Re: My unprovability madness. ("Paul Lutus")
Re: 1-time pad is not secure... (Shellac)
Re: OH NO! ("Aztech")
Re: Steganography vs. Security through Obscurity (nobody)
Re: My unprovability madness. ("Adam Russell")
Re: Steganography vs. Security through Obscurity ([EMAIL PROTECTED])
Re: Steganography vs. Security through Obscurity ([EMAIL PROTECTED])
understanding RC4 ([EMAIL PROTECTED])
Re: The DeCSS ruling ("Douglas A. Gwyn")
Re: blowfish problem ("Kelsey Bjarnason")
The Future Direction ("Richard Bembridge")
Re: Steganography vs. Security through Obscurity ("Douglas A. Gwyn")
Re: 1-time pad is not secure... ("Douglas A. Gwyn")
Re: blowfish problem ("Douglas A. Gwyn")
Re: Bytes, octets, chars, and characters ([EMAIL PROTECTED])
Re: Steganography vs. Security through Obscurity ([EMAIL PROTECTED])
Re: Bytes, octets, chars, and characters ("Douglas A. Gwyn")
Re: Bytes, octets, chars, and characters ([EMAIL PROTECTED])
Re: Steganography vs. Security through Obscurity (David A Molnar)
Re: 1-time pad is not secure... (Shellac)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: What is required of "salt"?
Date: 23 Aug 2000 12:17:19 -0700
In article <[EMAIL PROTECTED]>, John Myre <[EMAIL PROTECTED]> wrote:
> "David A. Wagner" wrote:
> > or in requiring
> > passwords for network access to computer systems.
>
> Hm. This reads as though when you say "passwords" you mean
> only the technique you described above: storing password
> hashes in a world-readable file. I certainly agree that such
> a system is rarely appropriate.
Oops, here I meant to refer specifically to sending passwords in the
clear over a network. Somehow the "in the clear" phrase didn't survive
my self-editing. Sorry.
> I think I'll repeat from an earlier post: what are your
> thoughts on the so-called "strong password methods" like
> SRP?
Excellent stuff, when the threat model is right.
Sorry, I didn't mean to include them in my complaint about passwords.
There are plenty of good uses for passwords (e.g., encrypting private
keys; enable codes for smartcards; ATM PIN's); I only wanted to complain
about the practice of using plain passwords without any appropriate
accompanying crypto. I realize that my original post did a very poor
job of communicating that intention. Ok, I think I'll go back to writing
school now. :-/
------------------------------
From: "Paul Lutus" <[EMAIL PROTECTED]>
Crossposted-To: sci.math,sci.physics
Subject: Re: My unprovability madness.
Date: Wed, 23 Aug 2000 12:30:19 -0700
> So would an undecidable statement be false and it's negation also be
false?
Not necessarily. About Gödel's Theorem it is said that it makes some true
statements unprovable. The implication is that they are no less
self-evidently true for being unprovable. Same for false statements.
Also, a statement that is false, and its inverse also false, is a separate
category -- a logical flaw in the system. AFAICS this doesn't require
invocation of the Theorem.
--
Paul Lutus
www.arachnoid.com
Adam Russell <[EMAIL PROTECTED]> wrote in message
news:DtSo5.2462$[EMAIL PROTECTED]...
> <other logic systems snipped>
> > Constructive logic:
> > Logics in which a wff is true iff it is provable. Therefore,
> > undecidable truths (like Godel's G) are ruled out by
> > definition.
>
> So would an undecidable statement be false and it's negation also be
false?
>
>
>
>
------------------------------
From: Shellac <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Date: 23 Aug 2000 20:37:31 +0100
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
"Douglas A. Gwyn" <[EMAIL PROTECTED]> writes:
> Tim Tyler wrote:
> > Even if events do not have predictable casuse, there's still weird
> > faster-than-the-speed-of-light, non-local happenings going on.
>
> To the contrary, one has to invoke such "non-physical"
> ideas like FTL or nonlocal causation only if one
> stubbornly *insists* on underlying predictability.
> Physics has found it much more productive to give
> up underlying predictability than to wreak utter
> havoc in the area of causation.
That is probably incorrect - there are a number of related proofs
which suggest that indeterministic versions of quantum mechanics must
be non-local (very roughly - it is related to Bell's inequality). See
Dickson's "Quantum Chance and Non-Locality" (CUP).
Shellac
- --
Key fingerprint = FC31 23CA 3EBA E30D 2F20 D7EA 8C8F BB0A 49CA 5201
I use and endorse MkLinux, MacOS, GnuPG, Xemacs, Alpha (text
processor), wwwoffle, w3m, Gnus, Leafnode, Cherry Coke, PG Tips. They
do not sponsor me. Despite endless requests.
=====BEGIN PGP SIGNATURE=====
Version: GnuPG v1.0.2 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.5 and Gnu Privacy Guard <http://www.gnupg.org/>
iD8DBQE5pCf0jI+7CknKUgERAnRyAKCA2gm+Q1HKXKm3vE+1sTrPvpSTwQCbB+XU
VhccIEndMhnpDjadM4afjFk=
=IQqY
=====END PGP SIGNATURE=====
------------------------------
From: "Aztech" <[EMAIL PROTECTED]>
Subject: Re: OH NO!
Date: Wed, 23 Aug 2000 19:45:12 GMT
You're gonna loose your home? What do your parents expect when they put
their finances in the hands of a 13yr old.
Az.
"Mark Wooding" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > My parents are going to lose their home if I cannot raise $1,000 by
> > next week! I would appreciate if everyone could donate money to me by
> > sending a donation through paypal to [EMAIL PROTECTED]!
>
> Yeah, right.
>
> What was your cryptography question again?
>
> -- [mdw]
------------------------------
From: nobody <[EMAIL PROTECTED]>
Subject: Re: Steganography vs. Security through Obscurity
Date: Wed, 23 Aug 2000 19:45:10 GMT
In article <[EMAIL PROTECTED]>, Mok-Kong Shen
<[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> >
>
> > I maintained that one of the differences between the two is that
> > strong cryptography doesn't need obscurity. However, every system
> > I've seen for steganography requires some obscurity. If the algorithm
> > is known, then the steganography can be defeated.
> >
> > In other words, security through obscurity is a requirement for
> > steganography.
>
> Strong cryptography doesn't need obscurity or else it
> is (by definition) not strong. One commonly refers to
> keeping the encryption algorithm secret as 'security
> through obscurity' in context of cryptography in the
> narrow sense (which excludes steganography).
> Steganography attmepts to hide the presence of secret
> informations and hence IS one form of 'security through
> obscurity'.
Moreover, steganography attempts to hide the very _presence_ of
information. Data can't be decrypted if you don't know it's there. :-)
Have fun!
------------------------------
From: "Adam Russell" <[EMAIL PROTECTED]>
Crossposted-To: sci.math,sci.physics
Subject: Re: My unprovability madness.
Date: Wed, 23 Aug 2000 13:05:04 -0700
No, I wasn't speaking of Godel. I was referring to the suggestion of a
system of logic where unprovable statements are deemed to be false. That
system seems to be flawed because it produces examples of A and !A both
being false. Undecidable truths may be ruled out by definition, but the
cure is worse than the disease.
"Paul Lutus" <[EMAIL PROTECTED]> wrote in message
news:hDVo5.6049$[EMAIL PROTECTED]...
> > So would an undecidable statement be false and it's negation also be
> false?
>
> Not necessarily. About Gödel's Theorem it is said that it makes some true
> statements unprovable. The implication is that they are no less
> self-evidently true for being unprovable. Same for false statements.
>
> Also, a statement that is false, and its inverse also false, is a separate
> category -- a logical flaw in the system. AFAICS this doesn't require
> invocation of the Theorem.
>
> --
>
> Paul Lutus
> www.arachnoid.com
>
>
> Adam Russell <[EMAIL PROTECTED]> wrote in message
> news:DtSo5.2462$[EMAIL PROTECTED]...
> > <other logic systems snipped>
> > > Constructive logic:
> > > Logics in which a wff is true iff it is provable. Therefore,
> > > undecidable truths (like Godel's G) are ruled out by
> > > definition.
> >
> > So would an undecidable statement be false and it's negation also be
> false?
> >
> >
> >
> >
>
>
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Steganography vs. Security through Obscurity
Date: Wed, 23 Aug 2000 20:13:04 GMT
[EMAIL PROTECTED] wrote:
> I maintained that one of the differences between the two is that
> strong cryptography doesn't need obscurity. However, every system
> I've seen for steganography requires some obscurity. If the algorithm
> is known, then the steganography can be defeated.
That's rather like saying the differance between cows and oranges is
that you get milk from cows, and juice from oranges. It's an obvious
difference, because they're meant to do two different things.
Good encryption should prevent an attacker from learning the contents
of a message. Good steganography should provide plausible deniability
that a message exists.
It's not true that knowing the algorithm is enough to defeated
steganography, althouth it sometimes is. It's also possible to create
keyed steganographic systems, where the key is either input to an
underlying cipher or used to determine how the information is
hidden.
--
Matt Gauthier <[EMAIL PROTECTED]>
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Steganography vs. Security through Obscurity
Date: Wed, 23 Aug 2000 20:10:51 GMT
In article <mEUo5.3803$[EMAIL PROTECTED]>,
"Aztech" <[EMAIL PROTECTED]> wrote:
> You can have the best of both worlds, i.e. encrypt the content with
strong
> crypto then using steganography embed the file within an image.
Yes. Both is better. No argument.
I normally use the phrase "Security through obscurity provides
temporary security, that degrades over time."
I think this is a nice way to explain the problem to those who
are a little clueless.
I guess my point is that there are those that parrot "security
through obscurity is bad bad bad" without really understanding
the issues. I thought the same way, untill I started thinking
about steganography in detail.
I was building a steganometric system, and one individual felt it
was his "duty" to reveal everything he could about it in an effort
to "improve" the security. I argued that he
was doing the opposite, and he parroted "security through obscurity"
to justify his actions. I pointed out to him that steganography
REQUIRES obscurity, and instead of improving the security, he
was weakening it. I'm not sure he understood this.
That's the trouble with some people. They repeat phrases without
understanding the implications. Tsk. Tsk. And he had a PhD and
claimed to be an expert.
- Bruce Barnett
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED]
Subject: understanding RC4
Date: Wed, 23 Aug 2000 20:27:35 GMT
================================================
Newbie alert. At the risk of sounding silly - I pose the following
question. (I am new to cryptology).
I know the following:
1. Plaintext = "secret"
2. Encrypted string = "06E0A50B579AD2CD5FFDC48565627EE7"
3. RC4 algorithm was used (possibly modified somehow)
4. No salting was used in RC4.
Given this information, is it possible to write an RC4 encryption
routine that does helps me encrypt other plaintexts in the _same_
manner?
Does no-salt-used mean that the encryption key does not depend on the
plaintext?
Any help/insights/source code snippets/websites would be most
appreciated.
- Grank.
===========================================================
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: The DeCSS ruling
Date: Wed, 23 Aug 2000 16:48:11 -0400
Jim Steuert wrote:
> To presume that we are reverse-engineering software for the purpose
> of some "illegal" intent "before" we actually reverse-engineer it
> is a very serious presumption of guilt.
I didn't say that.
However, the usual purpose of reverse-engineering is to benefit
from somebody else's work without compensating them for it.
------------------------------
From: "Kelsey Bjarnason" <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.c
Subject: Re: blowfish problem
Date: Wed, 23 Aug 2000 20:49:27 GMT
"Dan Pop" <[EMAIL PROTECTED]> wrote in message
news:8nva62$hla$[EMAIL PROTECTED]...
> In <45Eo5.2405$[EMAIL PROTECTED]> "Kelsey Bjarnason"
<[EMAIL PROTECTED]> writes:
>
> >Right - but an 8-bit char with no traps could handily fit inside a 17-bit
> >byte which itself _does_ have traps - just not ones representable within
the
> >limits of a char.
>
> If this is the case, the extra 9 bits DO NOT EXIST for the C
> implementation, i.e. they CANNOT contribute to the value of ANY C
> object (because the representation of the value can be accessed via
> unsigned chars).
>
> If no C program can "see" those bits, how do we know they actually
> exist, in the context of the C programming language?
We don't. However, we cannot blithely assume that char "precisely" fits a
byte - at least if by that we mean they are bit-for-bit identical. It was
_that_ assertion I was questioning - are they, in fact, defined anywhere to
be any sort of fit, precise or otherwise, beyond the requirement that a char
fit _in_ a byte?
Assume a C compiler for a machine with 16-bit machine bytes, n-bit C bytes,
and 8-bit C chars. So far, there's no apparent need for n-bit bytes to be
either 16 or 8, although it strikes me that 16 would be more likely.
So a pascal program on the machine creates a data file, writing out 64-bit
unsigned integer values, and doing so by masking off a byte, storing that
value, shifting, and continuing, storing the results in MSB to LSB order.
It does this 4 times, writing a 16-bit byte each time. Along comes your C
program. Your C program knows the order and format of the data file, but
cannot retrieve the data in any case... because the C compiler's chars are 8
bits while the bytes are 16 bits; you cannot actually retrieve the remaining
8 bits of each char - nor can you retrieve the original 64-bit value.
Now this may be a perverse implementation for that platform, but as I read
things, it is within its rights to behave this way, because, as far as I can
tell, there is no requirement that bytes and chars are the same size... that
the compiler's most likely size for a byte is whatever the underlying
architecture uses, but it is free to use a different size for char, as long
as that will fit _in_ a byte. So it uses bytes which are 16 bit, but chars
which are 8 bit, and you're hosed; you can't solve the problem.
Now, where does the standard actually state that chars "precisely" fit
bytes? I can't find it, but I may have missed it. If, in fact, it doesn't,
is there any sort of guarantee that the above scenario can't happen? If
not, shouldn't the equivalence of char and byte be made a little more
specific? :)
------------------------------
From: "Richard Bembridge" <[EMAIL PROTECTED]>
Subject: The Future Direction
Date: Wed, 23 Aug 2000 21:54:09 +0100
I have been doing some research on Quantum Key Distribution, and there is a
surprising amount of literature already available. Do not, however, expect
to be able to walk into a book shop and pick up a "Idiot's Guid to Quantum
Cryptography" just yet!
Some places I found really useful were:
The Los Alamos National Laboratory pre-print archive (quantum physics)
http://xxx.lanl.gov/find/quant-ph
Elsevier Science (hold large archives of journals and reports)
http://www.elsevier.nl/
Infoworld (registration required)
http://www.infoworld.com/
For really exciting news on QKD, read about the work of Richard J. Hughes
and William T. Buttler, both of LANL, and also Paul D. Townsend, of the BT
Laboratory, United Kingdom.
Hughes and Buttler's work on free-space QKD might herald a new era in secure
global communication, without having to rely on fibre-optic cable. (What
will the US and UK governments think about that?)
Townsend's work demonstrated that QKD can be sustained within a regular
broadband fibre-optic link, with little distortion.
If anybody has any further comments to add to the links I gave, or more
specifically (and helpfully for me, as it happens!) to my thoughts on the
new developments I mentioned above, please carry this thread on.
Thanks for reading my reply. Hope it helps!
Rich
PS Sorry for re-starting this thread. I wouldn't mind some feedback myself,
is all. Thanks for understanding.
[EMAIL PROTECTED]
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Steganography vs. Security through Obscurity
Date: Wed, 23 Aug 2000 16:52:57 -0400
[EMAIL PROTECTED] wrote:
> I was building a steganometric system, and one individual felt it
> was his "duty" to reveal everything he could about it in an effort
> to "improve" the security. I argued that he
> was doing the opposite, and he parroted "security through obscurity"
> to justify his actions. I pointed out to him that steganography
> REQUIRES obscurity, and instead of improving the security, he
> was weakening it. I'm not sure he understood this.
He might have understood it better than you..
The meaning behind the dictum against relying on obscurity
for security is that you need to allow for the possibility
that the enemy will gain complete information about the
*general system* you are using, and even under those
conditions the data should still be protected.
In fact there are steganographic systems that meet that
requirement -- even if the enemy is looking for your
message and knows how you're hiding it, he cannot prove
that it is present.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Date: Wed, 23 Aug 2000 16:57:22 -0400
Shellac wrote:
> there are a number of related proofs which suggest that
> indeterministic versions of quantum mechanics must be non-local
But Little's approach counters those. As with EPR, apparent
nonlocality or FTL is often (always?) due to inappropriate
assumptions made in the analysis.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Crossposted-To: comp.lang.c
Subject: Re: blowfish problem
Date: Wed, 23 Aug 2000 17:18:20 -0400
Kelsey Bjarnason wrote:
> We don't. However, we cannot blithely assume that char "precisely"
> fits a byte ...
It is not a "blithe assumption". It is embedded in the use of
those terms in the C standard, which I helped write. Indeed,
during development of the initial C standard I urged *making*
a distinction between char and byte (for which I proposed the
type "short char"), and identified all the affected places in
the draft. However, the committee definitely voted against
that approach and affirmed that insofar as the C standard is
concerned, "byte" and "char" refer to the same thing, context
determining which name is used. "Character" (without a
qualifying adjective like "wide") is yet another synonym,
but due to the existence of several kinds of "character"
and character encodings even within a single implementation,
it is best to avoid using that term. There are two types
officially associated with characters in C: wchar_t and char,
the latter holding in general only a subset of the characters
that are supported by the more general wchar_t. (wchar_t was
originally called "long char" in a proposal contemporaneous
with my "short char" proposal).
That has nothing to do with the meaning of "byte" outside the
context of the C standard; in the outside world "byte" means
"octet" when referring to current storage devices, and in
other contexts might or might not mean "octet". In computer
architectures historically, "byte" meant a stretch of bits
(generally a subset of a single word) that were dealt with as
a unit in some associated operation, and the width could be
from 1 to the word size, depending on the machine.
> Now, where does the standard actually state that chars "precisely"
> fit bytes?
Under the spec for the sizeof operator.
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.lang.c,alt.folklore.computers
Subject: Re: Bytes, octets, chars, and characters
Date: Wed, 23 Aug 2000 21:15:06 GMT
In article <[EMAIL PROTECTED]>,
Eric Smith <[EMAIL PROTECTED]> wrote:
> You're talking about the IBM 7951 Processing Unit, which was not an
add-on,
> but was standard equipment on the only IBM 7950 Data Processing System
> (Harvest), of which only one was manufactured.
Huh? The 7030 was one major component of the 7950. The 7030 could be
used by itself, but the 7951 depnded on the 7030. Sure sounds like an
add-on to me.
BTW, I never understood how they were allowed to publish a paper on
Harvest, given who their customer was.
--
--
Shmuel (Seymour J.) Metz
"A BIND is a terrible thing to waste"
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Steganography vs. Security through Obscurity
Date: Wed, 23 Aug 2000 21:14:58 GMT
In article <kfWo5.43089$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> It's not true that knowing the algorithm is enough to defeated
> steganography, althouth it sometimes is.
When I said "defeat" I was thinking of removing the steganography if
it is used for watermarking. Another use is transporting encrypted
information. I guess I wasn't including that in my thoughts.
Matt,
can you think of a stego system used for watermarking that CAN'T be
defeated(removed) if the algorithm and parameters are known, but
the key isn't?
Can you list a reference to one, or describe it? I'd be interested.
Thanks.
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: "Douglas A. Gwyn" <[EMAIL PROTECTED]>
Subject: Re: Bytes, octets, chars, and characters
Date: Wed, 23 Aug 2000 17:23:18 -0400
[EMAIL PROTECTED] wrote:
> BTW, I never understood how they were allowed to publish a paper on
> Harvest, given who their customer was.
What country do you think this is, the Soviet Union?
In the US, the government can constrain publication only
under certain circumstances covered by the law, for
example when it is reasonable to think that the nation's
security would be jeapordized by the publication.
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.lang.c,alt.folklore.computers
Subject: Re: Bytes, octets, chars, and characters
Date: Wed, 23 Aug 2000 21:20:04 GMT
In article <[EMAIL PROTECTED]>,
Dennis Ritchie <[EMAIL PROTECTED]> wrote:
> Stretch was a very interesting project. It was in some ways
> utterly at odds with ISA architecture as it evolved in
> even the fairly-near future (e.g. the /360): it had
> a single 64-bit accumulator which in some contexts could
> be considered as 128 bits, a bunch of very fancy index
> registers, bit-addressible memory.
>
> At the same time, in many implementation details
> (the 8-bit byte and general 2^n bit datapath,
> peripherals and memory interface, OOO execution and instruction
> look-ahead) it was an effort that had far-reaching
> effects.
IMHO it was the most successful "failure" in the history of computing;
IBM recycled vast quantities of Stretch technology in the 7000 series
and System/360. The core, disk, I/O architecture, printer and tape all
left their mark. IBM in effect did it as a long term investment,
whatever the intent.
Univac, OTOH, did it for a LARC <g, d & r>.
--
--
Shmuel (Seymour J.) Metz
"A BIND is a terrible thing to waste"
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: David A Molnar <[EMAIL PROTECTED]>
Subject: Re: Steganography vs. Security through Obscurity
Date: 23 Aug 2000 21:02:56 GMT
[EMAIL PROTECTED] wrote:
> I maintained that one of the differences between the two is that
> strong cryptography doesn't need obscurity. However, every system
> I've seen for steganography requires some obscurity. If the algorithm
> is known, then the steganography can be defeated.
False, I think. You can consider steganography systems with keys;
for instance, something which uses a PRNG with a secret seed
to create a pseudo-OTP, then sends that interspersed in an ordinary,
truly random string.
(for instance, maybe I run HotBits at CERN and I want to send stego'd
messages to my evil compatriots across Europe. yes, it's artificial).
Then,
assuming that the PRNG is "good enough" (which I won't go into
right now)
assuming that the key is secret
assuming the adversary can be modelled by a probabilistic
polynomial time turing machine
we should have that the output of the PRNG is
indistinguishable from the truly random bits surrounding it.
Even an adversary who magically guesses which bits are "message" bits
and which bits are "random" bits will be unable to confirm its guess.
As far as it can tell, all the bits look "equally random", and so
the adversary has no way to tell whether a message is being sent
or what it is. This holds even if the PRNG algorithm is known (this is
part of it being "good enough."). All security lies in the key.
Admittedly, this was contrived off the top of my head. Real life
applications do not involve inserting stego'd messages into truly random
covertext. But it should show that a kind of "steganography without
obscurity" is possible, at least in the sense that "obscurity" is usually
meant.
I had the same misconception for a long time. Doug Gwyn was good enough
to tell me that this was not the case; see the International Workshops
on Information Hiding which have been going on for the last few years.
Christian Cachin also has an "Information-Theoretic Model for
Steganography" up on eprint.iacr.org (if memory serves), which attempts
to sort out these questions.
Thanks,
-David
------------------------------
From: Shellac <[EMAIL PROTECTED]>
Subject: Re: 1-time pad is not secure...
Date: 23 Aug 2000 22:53:11 +0100
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
"Douglas A. Gwyn" <[EMAIL PROTECTED]> writes:
> Shellac wrote:
> > there are a number of related proofs which suggest that
> > indeterministic versions of quantum mechanics must be non-local
>
> But Little's approach counters those. As with EPR, apparent
> nonlocality or FTL is often (always?) due to inappropriate
> assumptions made in the analysis.
Well, all they say is: 2-time determinism iff Bell-factorisabilty
(well, the simplest one shows this). No determinism, no
factorisability. So I suppose it's only compelling if you think
Bell-factorising is a necessary condition for locality.
Anyway, the interesting question is whether non-locality is a problem
(wrt relativity). It seems not (cf Maudlin's book).
Anyway, this seems wwwaaaaayyyyyy OT for this group ;-)
Shellac
- --
Key fingerprint = FC31 23CA 3EBA E30D 2F20 D7EA 8C8F BB0A 49CA 5201
I use and endorse MkLinux, MacOS, GnuPG, Xemacs, Alpha (text
processor), wwwoffle, w3m, Gnus, Leafnode, Cherry Coke, PG Tips. They
do not sponsor me. Despite endless requests.
=====BEGIN PGP SIGNATURE=====
Version: GnuPG v1.0.2 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.5 and Gnu Privacy Guard <http://www.gnupg.org/>
iD8DBQE5pEfFjI+7CknKUgERAm3kAJ9t3Vnj/fiX/IrTWWrO+PdolEU9ZgCfRld5
tnUWlK8BdvZ4iGzzvP+1LVg=
=Xm3Z
=====END PGP SIGNATURE=====
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
